CVE-2015-0311

CRITICAL KEV RANSOMWARE

Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free

Title source: metasploit

Description

Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.

Exploits (4)

nomisec WRITEUP
by jr64 · local
https://github.com/jr64/CVE-2015-0311
github NO CODE
by d0now · angelscript poc
https://github.com/d0now/flash-cve-exploits/tree/master/cve-2015-0311.as
exploitdb WORKING POC VERIFIED
by Metasploit · ruby remote windows
https://www.exploit-db.com/exploits/36360
metasploit WORKING POC GREAT
by Unknown, hdarwin, juan vazquez · ruby poc win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb

Scores

CVSS v3 9.8
EPSS 0.9284
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2022-04-13
VulnCheck KEV 2015-01-20
InTheWild.io 2015-01-20
ENISA EUVD EUVD-2015-0324
Ransomware Use Confirmed

Classification

Status draft

Affected Products (7)

adobe/flash_player < 11.2.202.438
suse/linux_enterprise_desktop
suse/linux_enterprise_desktop
suse/linux_enterprise_workstation_extension
microsoft/internet_explorer
microsoft/internet_explorer
microsoft/edge

Timeline

Published Jan 23, 2015
KEV Added Apr 13, 2022
Tracked Since Feb 18, 2026