Upstream information

CVE-2015-5130 at MITRE

Description

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 10
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entries: 941239 [RESOLVED / FIXED], 952254 [RESOLVED / INVALID]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP3
  • flash-player >= 11.2.202.508-0.14.1
  • flash-player-gnome >= 11.2.202.508-0.14.1
  • flash-player-kde4 >= 11.2.202.508-0.14.1
Patchnames:
sledsp3-flash-player-12025
SUSE Linux Enterprise Desktop 11 SP4
  • flash-player >= 11.2.202.508-0.14.1
  • flash-player-gnome >= 11.2.202.508-0.14.1
  • flash-player-kde4 >= 11.2.202.508-0.14.1
Patchnames:
sledsp4-flash-player-12025
SUSE Linux Enterprise Desktop 12 SP1
  • flash-player >= 11.2.202.548-111.1
  • flash-player-gnome >= 11.2.202.548-111.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA flash-player-11.2.202.548-111.1
SUSE Linux Enterprise Workstation Extension 12 SP1 GA flash-player-11.2.202.548-111.1
SUSE Linux Enterprise Desktop 12 SP2
  • wpa_supplicant >= 2.2-14.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA wpa_supplicant-2.2-14.2
SUSE Linux Enterprise Desktop 12 SP3
  • wpa_supplicant >= 2.2-14.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA wpa_supplicant-2.2-14.2
SUSE Linux Enterprise Desktop 12 SP4
  • wpa_supplicant >= 2.2-15.3.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP4 GA wpa_supplicant-2.2-15.3.1
SUSE Linux Enterprise Desktop 12
  • flash-player >= 11.2.202.508-99.1
  • flash-player-gnome >= 11.2.202.508-99.1
Patchnames:
SUSE-SLE-DESKTOP-12-2015-390
SUSE-SLE-WE-12-2015-390
SUSE Linux Enterprise High Performance Computing 12 SP5
  • wpa_supplicant >= 2.6-15.10.1
Patchnames:
SUSE Linux Enterprise High Performance Computing 12 SP5 GA wpa_supplicant-2.6-15.10.1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP1
  • flash-player >= 11.2.202.548-111.1
  • flash-player-gnome >= 11.2.202.548-111.1
Patchnames:
SUSE Linux Enterprise Workstation Extension 12 SP1 GA flash-player-11.2.202.548-111.1
SUSE Linux Enterprise Server 12 SP2
  • wpa_supplicant >= 2.2-14.2
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA wpa_supplicant-2.2-14.2
SUSE Linux Enterprise Server 12 SP3
  • wpa_supplicant >= 2.2-14.2
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA wpa_supplicant-2.2-14.2
SUSE Linux Enterprise Server 12 SP4
  • wpa_supplicant >= 2.2-15.3.1
Patchnames:
SUSE Linux Enterprise Server 12 SP4 GA wpa_supplicant-2.2-15.3.1
SUSE Linux Enterprise Server 12 SP5
  • wpa_supplicant >= 2.6-15.10.1
Patchnames:
SUSE Linux Enterprise Server 12 SP5 GA wpa_supplicant-2.6-15.10.1
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Workstation Extension 12
  • flash-player >= 11.2.202.508-99.1
  • flash-player-gnome >= 11.2.202.508-99.1
Patchnames:
SUSE-SLE-WE-12-2015-390
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • wpa_supplicant >= 2.2-14.2
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA wpa_supplicant-2.2-14.2


SUSE Timeline for this CVE

CVE page created: Tue Aug 11 11:16:44 2015
CVE page last modified: Fri Sep 13 11:53:45 2024