Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability (CVE-2015-5119)
Publish Date: 09 de czerwca de 2016
Severity: : Critical
CVE Kennungen: : CVE-2015-5119
Advisory Date: 07 de lipca de 2015
DESCRIPTION
Adobe Flash Player contains a vulnerability in the ActionScript 3 ByteArray class, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Ref: http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Patch: : https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
Trend Micro Deep Security DPI Rule Number: 1006824