Zero-day Vulnerability Database

Change view

Zero-day vulnerabilities discovered: 10

Multiple vulnerabilities in Adobe Flash Player
CVE-2015-8651

Integer overflow

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to integer overflow. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

Software: Adobe Flash Player

Known/fameous malware:

Exploit kits: Angler, Neutrino, Nuclear Pack and RIG

Remote code execution in Adobe Flash Player
CVE-2015-7645

Type confusion

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

Was used in Pawn Storm Campaign Targeting Foreign Affairs Ministries. Exploited by the Fancy Bear APT.
The vulnerability was reported by Peter Pi of Trend Micro.

Software: Adobe Flash Player

Known/fameous malware:

Exploit Kits: Angler, Hunter, Magnitude, Neutrino, Nuclear Pack, RIG, Spartan.

Was used in Pawn Storm Campaign Targeting Foreign Affairs Ministries. Exploited by the Fancy Bear APT.
The vulnerability was reported by Peter Pi of Trend Micro.

Two remote code execution vulnerabilities in Adobe Flash Player
CVE-2015-5123

тАЬUse-after-freeтАЭ error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the ActionScript 3 BitmapData class. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

The exploit code was revealed after Hacking Team data leak.

Software: Adobe Flash Player

Known/fameous malware:

SWF_EKSPLOYT.EDF. (TrendMicro).

The exploit code was revealed after Hacking Team data leak.

Two remote code execution vulnerabilities in Adobe Flash Player
CVE-2015-5122

тАЬUse-after-freeтАЭ error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the ActionScript 3 opaqueBackground class. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

The exploit code was revealed after Hacking Team data leak. The exploit was used against Japanese organizations.
The vulnerability was reported by Dhanesh Kizhakkinan of FireEye as well as Peter Pi of TrendMicro.

Software: Adobe Flash Player

Known/fameous malware:

Exploit kits: Angler EK - 2015-07-11 Neutrino - 2015-07-13 Nuclear Pack - 2015-07-14 RIG - 2015-07-14 Magnitude - 2015-07-15 NullHole - 2015-07-22 Spartan - 2015-09-11

The exploit code was revealed after Hacking Team data leak. The exploit was used against Japanese organizations.
The vulnerability was reported by Dhanesh Kizhakkinan of FireEye as well as Peter Pi of TrendMicro.

Remote code execution in Adobe Flash Player
CVE-2015-5119

Use-after-free error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted Web-site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of  the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

The exploit code was revealed after Hacking Team data leak. Was also used in phishing campaigns conducted by two Chinese advanced persistent threat (APT) groups: APT3 and APT18.
The vulnerability was reported by Google Project Zero and Morgan Marquis-Boire.

Software: Adobe Flash Player

The exploit code was revealed after Hacking Team data leak. Was also used in phishing campaigns conducted by two Chinese advanced persistent threat (APT) groups: APT3 and APT18.
The vulnerability was reported by Google Project Zero and Morgan Marquis-Boire.

Remote code execution in Adobe Flash Player
CVE-2015-3113

Heap-based buffer overflow

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when processing .swf files. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

Exploited by a China-based cyberespionage group. Operation Clandestine Wolf тАУ Adobe Flash Zero-Day in APT3 Phishing Campaign.

Software: Adobe Flash Player

Known/fameous malware:

Magnitude exploit kit.

Exploited by a China-based cyberespionage group. Operation Clandestine Wolf тАУ Adobe Flash Zero-Day in APT3 Phishing Campaign.

Multiple vulnerabilities in Adobe Flash Player
CVE-2015-3043

Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

Attackers exploited the vulnerabilities together to attack a government entity to and steal politically sensitive data that is a known target of the Russian group (APT campaign).

Software: Adobe Flash Player

Attackers exploited the vulnerabilities together to attack a government entity to and steal politically sensitive data that is a known target of the Russian group (APT campaign).

Multiple vulnerabilities in Adobe Flash Player
CVE-2015-0313

Use-after-free error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

The vulnerability was used during malwertising campaign against visitors of dailymotion.com.

Software: Adobe Flash Player

Known/fameous malware:

SWF_EXPLOIT.MJST
Hanjuan Exploit Kit

The vulnerability was used during malwertising campaign against visitors of dailymotion.com.

Remote code execution in Adobe Flash Player
CVE-2015-0311

Use-after-free error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

The vulnerability was discovered by French security researcher тАЬKafeineтАЭ.
It was actively being exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below. It was used by Angler EK and infected at least 1,800 known domains.

Software: Adobe Flash Player

Known/fameous malware:

SWF/Exploit.CVE-2015-0311.N(2)
Trojan.Swifi (Symantec)
Angler EK

The vulnerability was discovered by French security researcher тАЬKafeineтАЭ.
It was actively being exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below. It was used by Angler EK and infected at least 1,800 known domains.

Security bypass in Adobe Flash Player
CVE-2015-0310

Security bypass

The vulnerability allows a remote attacker to circumvent memory address randomization on the target system.

The weakness exists due to memory leak error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption, bypass memory address randomization on the Windows platform and obtain sensitive information.

Note: the vulnerability was being actively exploited.

i

The vulnerability was discovered and reported by security researcher Kafeine.
The vulnerability was used in attacks against older versions of Flash Player.

Software: Adobe Flash Player

Known/fameous malware:

Angler EK.

The vulnerability was discovered and reported by security researcher Kafeine.
The vulnerability was used in attacks against older versions of Flash Player.