Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:ADOBE:2015-0310-REGMCP |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Flash Player CVE-2015-0310 PCRE Memory Access Violation |
Release Date |
2015/02/04 |
Update Number |
2463 |
Supported Platforms |
idp-4.1+, isg-3.5.141818+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Adobe Flash Player CVE-2015-0310 PCRE Memory Access Violation
This signature detects an attempt to exploit an out of bounds memory access error while running a specially crafted Adobe Flash document. Successful exploitation could allow an attacker to terminate the running flash application which could lead to termination of Flash component.
Extended Description
Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via unknown vectors, as exploited in the wild in January 2015.
Affected Products
- Adobe flash_player 11.2.202.429
- Adobe flash_player 13.0.0.260
- Adobe flash_player 14.0.0.125
- Adobe flash_player 14.0.0.145
- Adobe flash_player 14.0.0.176
- Adobe flash_player 14.0.0.179
- Adobe flash_player 15.0.0.152
- Adobe flash_player 15.0.0.167
- Adobe flash_player 15.0.0.189
- Adobe flash_player 15.0.0.223
- Adobe flash_player 15.0.0.239
- Adobe flash_player 15.0.0.246
- Adobe flash_player 16.0.0.235
- Adobe flash_player 16.0.0.257
References
- CVE: CVE-2015-0310