Upstream information

CVE-2015-5561 at MITRE

Description

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 10
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 941239 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP3
  • flash-player >= 11.2.202.508-0.14.1
  • flash-player-gnome >= 11.2.202.508-0.14.1
  • flash-player-kde4 >= 11.2.202.508-0.14.1
Patchnames:
sledsp3-flash-player-12025
SUSE Linux Enterprise Desktop 11 SP4
  • flash-player >= 11.2.202.508-0.14.1
  • flash-player-gnome >= 11.2.202.508-0.14.1
  • flash-player-kde4 >= 11.2.202.508-0.14.1
Patchnames:
sledsp4-flash-player-12025
SUSE Linux Enterprise Desktop 12 SP1
  • flash-player >= 11.2.202.548-111.1
  • flash-player-gnome >= 11.2.202.548-111.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA flash-player-11.2.202.548-111.1
SUSE Linux Enterprise Workstation Extension 12 SP1 GA flash-player-11.2.202.548-111.1
SUSE Linux Enterprise Desktop 12
  • flash-player >= 11.2.202.508-99.1
  • flash-player-gnome >= 11.2.202.508-99.1
Patchnames:
SUSE-SLE-DESKTOP-12-2015-390
SUSE-SLE-WE-12-2015-390
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP1
  • flash-player >= 11.2.202.548-111.1
  • flash-player-gnome >= 11.2.202.548-111.1
Patchnames:
SUSE Linux Enterprise Workstation Extension 12 SP1 GA flash-player-11.2.202.548-111.1
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Workstation Extension 12
  • flash-player >= 11.2.202.508-99.1
  • flash-player-gnome >= 11.2.202.508-99.1
Patchnames:
SUSE-SLE-WE-12-2015-390


SUSE Timeline for this CVE

CVE page created: Tue Aug 11 11:16:44 2015
CVE page last modified: Wed Sep 11 11:18:04 2024