CVE-2015-0336
EXPLOITEDAdobe Flash Player NetConnection Type Confusion
Title source: metasploitDescription
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0334.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/36962
metasploit
WORKING POC
GREAT
by Natalie Silvanovich, Unknown, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb
References (10)
Scores
EPSS
0.8866
EPSS Percentile
99.5%
Exploitation Intel
VulnCheck KEV
2015-06-05
Classification
Status
draft
Affected Products (16)
adobe/flash_player
< 13.0.0.264
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
adobe/flash_player
... and 1 more
Timeline
Published
Mar 13, 2015
Tracked Since
Feb 18, 2026