Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2015-3097

Disclosure Date: June 10, 2015
CVE-2015-3097
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by predicting this address.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • adobe,
  • microsoft

Products

  • air,
  • air sdk,
  • air sdk & compiler,
  • flash player,
  • flash player 14.0.0.125,
  • flash player 14.0.0.145,
  • flash player 14.0.0.176,
  • flash player 14.0.0.179,
  • flash player 15.0.0.152,
  • flash player 15.0.0.167,
  • flash player 15.0.0.189,
  • flash player 15.0.0.223,
  • flash player 15.0.0.239,
  • flash player 15.0.0.246,
  • flash player 16.0.0.235,
  • flash player 16.0.0.257,
  • flash player 16.0.0.287,
  • flash player 16.0.0.296,
  • flash player 17.0.0.134,
  • flash player 17.0.0.169,
  • flash player 17.0.0.188,
  • windows 7
Technical Analysis