Vulnerability Details : CVE-2015-5122
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Public exploit exists!
CVE-2015-5122
is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Adobe Flash Player Use-After-Free Vulnerability
CISA required action:
The impacted product is end-of-life and should be disconnected if still in use.
CISA description:
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Added on
2022-04-13
Action due date
2022-05-04
Exploit prediction scoring system (EPSS) score for CVE-2015-5122
Probability of exploitation activity in the next 30 days: 97.36%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2015-5122
-
Adobe Flash opaqueBackground Use After Free
Disclosure Date: 2015-07-06First seen: 2020-04-26exploit/multi/browser/adobe_flash_opaque_background_uafThis module exploits an use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public as part of the July 2015 data leak, was described as an Use After Free while handling the opaqueBackground property 7 setter of the flash.displ
CVSS scores for CVE-2015-5122
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
nvd@nist.gov |
References for CVE-2015-5122
-
https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
Adobe Security BulletinVendor Advisory
-
https://perception-point.io/new/breaking-cfi.php
Threat Intelligence Blog | Perception PointThird Party Advisory
-
http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf
Adobe Flash opaqueBackground Use After FreeThird Party Advisory
-
https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
Adobe Security BulletinVendor Advisory
-
https://www.exploit-db.com/exploits/37599/
Adobe Flash - opaqueBackground Use-After-Free (Metasploit)Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html
[security-announce] SUSE-SU-2015:1255-1: critical: Security update for fMailing List;Third Party Advisory
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
HPSBHF03538 rev.1 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Remote Code Execution, Denial of Service (DoS)Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html
[security-announce] openSUSE-SU-2015:1267-1: critical: flash-playerMailing List;Third Party Advisory
-
https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/
CVE-2015-5122: Exploitation using COOP | Perception PointThird Party Advisory
-
http://www.us-cert.gov/ncas/alerts/TA15-195A
Adobe Flash and Microsoft Windows Vulnerabilities | CISAThird Party Advisory;US Government Resource
-
https://security.gentoo.org/glsa/201508-01
Adobe Flash Player: Multiple vulnerabilities (GLSA 201508-01) — Gentoo securityThird Party Advisory
-
http://www.securityfocus.com/bid/75712
Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption VulnerabilityThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html
[security-announce] SUSE-SU-2015:1258-1: critical: Security update for fMailing List;Third Party Advisory
-
https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html
Second Adobe Flash Zero-Day CVE-2015-5122 from HackingTeam Exploited in Strategic Web Compromise Targeting Japanese Victims | FireEye IncThird Party Advisory
-
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784
HP Support for Technical Help and Troubleshooting | HP® Customer Service.Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1235.html
RHSA-2015:1235 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securitytracker.com/id/1032890
Adobe Flash Player Use-After-Free Memory Flaw Lets Remote Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html
Adobe Flash opaqueBackground Use After Free ≈ Packet StormThird Party Advisory;VDB Entry
-
http://www.kb.cert.org/vuls/id/338736
VU#338736 - Adobe Flash ActionScript 3 opaqueBackground use-after-free vulnerabilityThird Party Advisory;US Government Resource
-
http://marc.info/?l=bugtraq&m=144050155601375&w=2
'[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities' - MARCMailing List;Third Party Advisory
Products affected by CVE-2015-5122
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*
- Adobe » Flash Player » ESR EditionVersions from including (>=) 13.0 and up to, including, (<=) 13.0.0.302cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*
- Adobe » Flash Player » For ChromeVersions from including (>=) 18.0 and up to, including, (<=) 18.0.0.204cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*
- Adobe » Flash Player » For Internet Explorer 11Versions from including (>=) 18.0 and up to, including, (<=) 18.0.0.203cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*
- Adobe » Flash Player » For Internet Explorer 10Versions from including (>=) 18.0 and up to, including, (<=) 18.0.0.203cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_10:*:*
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- Adobe » Flash Player » For ChromeVersions from including (>=) 18.0 and up to, including, (<=) 18.0.0.203cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*
- Adobe » Flash Player Desktop RuntimeVersions from including (>=) 18.0 and up to, including, (<=) 18.0.0.203cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*