CVE-2015-0340

CVE information

Published

7 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass intended file-upload restrictions via unspecified vectors..

CVSSv2.0 Score

Severity
Medium
Base Score
5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:16.0.0.305:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  No
-

Get started for free to scan for vulnerabilities

Companies of all sizes use Mageni to scan their assets for vulnerabilities. Mageni is free for 7-days then $39 USD Monthly regardless of how many IPs, scans, deployments or users you have. Cancel at Anytime and 7-days Money-Back Guarantee. Developed and supported by certified CompTIA PenTest+ professionals. Mageni contributes 1% of your subscription to removing CO₂ from the atmosphere.

Get Started For Free
App screenshot