CVE-2015-0301
Adobe Flash Player < 13.0.0.260 and 14.x-16.x < 16.0.0.257 - Improper Input Validation
Title source: llmDescription
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors.
References (10)
Core 10
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62371
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201502-02.xml
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62740
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62177
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/99981
Vendor Advisory x_refsource_confirm
http://helpx.adobe.com/security/products/flash-player/apsb15-01.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62252
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031525
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62187
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/72034
Scores
EPSS
0.0517
EPSS Percentile
91.4%
Details
CWE
CWE-20
Status
published
Products (19)
adobe/adobe_air
< 15.0.0.356 (2 CPE variants)
adobe/adobe_air_sdk
< 15.0.0.356
adobe/adobe_air_sdk_and_compiler
< 15.0.0.356
adobe/flash_player
11.2.202.425
adobe/flash_player
14.0.0.125
adobe/flash_player
14.0.0.145
adobe/flash_player
14.0.0.176
adobe/flash_player
14.0.0.179
adobe/flash_player
15.0.0.144
adobe/flash_player
15.0.0.152
... and 9 more
Published
Jan 13, 2015
Tracked Since
Feb 18, 2026