CVE-2015-5122 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-5122 Interim 1 12 2024-07-04T02:02:29Z current 2021-05-30T13:31:32Z 2024-07-04T02:02:29Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-5122 Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2015-July/001497.html E-Mail link for SUSE-SU-2015:1255-1 https://lists.suse.com/pipermail/sle-security-updates/2015-July/001498.html E-Mail link for SUSE-SU-2015:1258-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZBKCZ7MADGOZGZN2MZZ7VXTMFOALUVR2/#ZBKCZ7MADGOZGZN2MZZ7VXTMFOALUVR2 E-Mail link for openSUSE-SU-2015:1267-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 flash-player-11.2.202.491-0.11.1 flash-player-11.2.202.491-96.1 flash-player-11.2.202.548-111.1 flash-player-gnome-11.2.202.491-0.11.1 flash-player-gnome-11.2.202.491-96.1 flash-player-gnome-11.2.202.548-111.1 flash-player-kde4-11.2.202.491-0.11.1 flash-player-11.2.202.491-0.11.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 flash-player-gnome-11.2.202.491-0.11.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 flash-player-kde4-11.2.202.491-0.11.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 flash-player-11.2.202.491-0.11.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 flash-player-gnome-11.2.202.491-0.11.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 flash-player-kde4-11.2.202.491-0.11.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 flash-player-11.2.202.491-96.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-gnome-11.2.202.491-96.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 flash-player-gnome-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 flash-player-11.2.202.491-96.1 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-gnome-11.2.202.491-96.1 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP1 flash-player-gnome-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP1 Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015. CVE-2015-5122 SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.491-0.11.1 SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.491-0.11.1 SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.491-0.11.1 SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.491-0.11.1 SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.491-0.11.1 SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.491-0.11.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.491-96.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.491-96.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.491-96.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.491-96.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.548-111.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H