Main Vulnerability Database Vulnerabilities #VU5409

#VU5409 Information disclosure in Adobe products - CVE-2015-3044

Published: January 26, 2017

Vulnerability identifier: #VU5409

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2015-3044

CWE-ID: CWE-284

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Adobe AIR
Adobe Flash Player for Linux
Adobe Flash Player

Software vendor:
Adobe

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient access control. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, bypass security restrictions and gain access to important data.

Successful exploitation results in information disclosure on the vulnerable system.

Remediation

Install update from vendor's website.

External links

https://helpx.adobe.com/security/products/flash-player/apsb15-06.html

#VU5409 Information disclosure in Adobe products - CVE-2015-3044

Description

Remediation

External links

Please verify you're human