CVE-2015-5122

Published: Jul 14, 2015Modified: Apr 21, 2026CISA KEV

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

Affected (19)

Products: Adobe: Flash Player, Flash Player Desktop Runtime · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation · Opensuse: Evergreen · +1 more

Show all products

Adobe: Flash Player, Flash Player Desktop Runtime · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation · Opensuse: Evergreen · Suse: Linux Enterprise Desktop, Linux Enterprise Workstation Extension

Adobe

2 products

Flash Player

Flash Player Desktop Runtime

Redhat

4 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

Opensuse

1 product

Evergreen

Suse

2 products

Linux Enterprise Desktop

Linux Enterprise Workstation Extension

Configuration A

3 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	From 18.0 to 18.0.0.203
Adobe Flash Player	From 13.0 to 13.0.0.302
Adobe Flash Player Desktop Runtime	From 18.0 to 18.0.0.203

Running on/with	Platform Versions
Apple Macos	All versions
Microsoft Windows	All versions

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Adobe Flash Player	From 18.0 to 18.0.0.204

Configuration C

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	From 18.0 to 18.0.0.203
Adobe Flash Player	From 18.0 to 18.0.0.203

Running on/with	Platform Versions
Microsoft Windows 8	All versions
Microsoft Windows 8.1	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	From 11.0 to 11.2.202.481

Running on/with	Platform Versions
Linux Linux Kernel	All versions

Configuration E

7 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server Eus	Version 6.6
Redhat Enterprise Linux Workstation	Version 5.0
Redhat Enterprise Linux Workstation	Version 6.0

Configuration F

5 vulnerable

Vulnerable Software	Affected Versions
Opensuse Evergreen	Version 11.4
Suse Linux Enterprise Desktop	Version 11 sp3
Suse Linux Enterprise Desktop	Version 11 sp4
Suse Linux Enterprise Desktop	Version 12
Suse Linux Enterprise Workstation Extension	Version 12

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (42)

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html

Source: psirt@adobe.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html

Source: psirt@adobe.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html

Source: psirt@adobe.com

Mailing ListThird Party Advisory

http://marc.info/?l=bugtraq&m=144050155601375&w=2

Source: psirt@adobe.com

Mailing ListThird Party Advisory

http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html

Source: psirt@adobe.com

ExploitThird Party AdvisoryVDB Entry

http://rhn.redhat.com/errata/RHSA-2015-1235.html

Source: psirt@adobe.com

Third Party Advisory

http://www.kb.cert.org/vuls/id/338736

Source: psirt@adobe.com

Third Party AdvisoryUS Government Resource

http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf

Source: psirt@adobe.com

Third Party Advisory

http://www.securityfocus.com/bid/75712

Source: psirt@adobe.com

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1032890

Source: psirt@adobe.com

Broken LinkThird Party AdvisoryVDB Entry

http://www.us-cert.gov/ncas/alerts/TA15-195A

Source: psirt@adobe.com

Third Party AdvisoryUS Government Resource

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784

Source: psirt@adobe.com

Broken LinkThird Party Advisory

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467

Source: psirt@adobe.com

Third Party Advisory

https://helpx.adobe.com/security/products/flash-player/apsa15-04.html

Source: psirt@adobe.com

Broken LinkVendor Advisory

https://helpx.adobe.com/security/products/flash-player/apsb15-18.html

Source: psirt@adobe.com

Broken LinkVendor Advisory

https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/

Source: psirt@adobe.com

Broken LinkThird Party Advisory

https://perception-point.io/new/breaking-cfi.php

Source: psirt@adobe.com

Broken LinkThird Party Advisory

https://security.gentoo.org/glsa/201508-01

Source: psirt@adobe.com

Third Party Advisory

https://www.exploit-db.com/exploits/37599/

Source: psirt@adobe.com

ExploitThird Party AdvisoryVDB Entry

https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html

Source: psirt@adobe.com

Broken LinkThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html