CVE-2015-3113

CRITICAL KEV

Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow

Title source: metasploit

Exploitation Summary

CVE-2015-3113 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 13, 2022. EIP tracks 2 public exploits from researchers including Metasploit, Unknown and juan vazquez, among them the Metasploit module exploits/multi/browser/adobe_flash_nellymoser_bof.

AI-analyzed exploit summary

This Metasploit module exploits a buffer overflow in Adobe Flash Player (CVE-2015-3113) via malformed Nellymoser audio data in an FLV file, achieving remote code execution on vulnerable systems. It targets Windows and Linux with specific Flash versions and delivers a payload through a crafted SWF and FLV file.

Description

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · multiple
https://www.exploit-db.com/exploits/37536


Classification
Working Poc 100%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Adobe Flash Player (versions up to 18.0.0.160 on Windows, 11.2.202.466 on Linux)
No auth needed
Prerequisites: Vulnerable Adobe Flash Player version · Victim visits a malicious webpage hosting the exploit
devstral-2 · analyzed Feb 16, 2026
metasploit WORKING POC GREAT
by Unknown, juan vazquez · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb

This Metasploit module exploits a buffer overflow in Adobe Flash Player (CVE-2015-3113) via malformed Nellymoser audio data in an FLV file, achieving remote code execution on vulnerable systems. It targets specific Flash versions on Windows and Linux.

Classification
Working Poc 100%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Adobe Flash Player (versions up to 18.0.0.160 on Windows, 11.2.202.466 on Linux)
No auth needed
Prerequisites: Vulnerable Adobe Flash Player version · User interaction (visiting malicious page)
devstral-2 · analyzed Feb 16, 2026

References (15)

Core References
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=144050155601375&w=2
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1184.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html
Third Party Advisory x_refsource_confirm
https://www.suse.com/security/cve/CVE-2015-3113.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032696
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1235036
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201507-13
Issue Tracking x_refsource_confirm
https://bugzilla.suse.com/show_bug.cgi?id=935701
Broken Link, Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/75371

Scores

CVSS v3 9.8
EPSS 0.9241
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact total

Details

CISA KEV 2022-04-13
VulnCheck KEV 2015-06-23
InTheWild.io 2015-06-23
ENISA EUVD EUVD-2015-3194
CWE
CWE-122 CWE-787
Status published
Products (17)
adobe/flash_player < 13.0.0.296
hp/insight_orchestration < 7.5.0
hp/system_management_homepage < 7.5.0
hp/systems_insight_manager < 7.5
hp/version_control_agent < 7.5.0
hp/version_control_repository_manager 7.6
hp/version_control_repository_manager < 7.5.0
hp/virtual_connect_enterprise_manager < 7.5.0
opensuse/evergreen 11.4
opensuse/opensuse 13.1
... and 7 more
Published Jun 23, 2015
KEV Added Apr 13, 2022
Tracked Since Feb 18, 2026