CVE-2015-0313

Known Exploited (CISA KEV)CRITICAL

9.8

CVSS Severity Score

EPSS Score41.5530%

EPSS Percentile89.99th

PublishedFeb 2, 2015

Last ModifiedApr 21, 2026

Vulnerability Description

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.

Affected Platforms (CPE)

📦

Adobe

Flash Player

< 11.2.202.442

📦

Adobe

Flash Player

< 13.0.0.269

📦

Adobe

Flash Player

>= 14.0.0.125 and < 16.0.0.305

💻

Opensuse

Evergreen

= 11.4

💻

Opensuse

= 13.1

💻

Opensuse

= 13.2

💻

Suse

Linux Enterprise Desktop

= 11

💻

Suse

Linux Enterprise Desktop

= 12

💻

Suse

Linux Enterprise Workstation Extension

= 12

📦

Microsoft

Internet Explorer

= 10

📦

Microsoft

Internet Explorer

= 11

📦

Microsoft

Edge

All versions

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html

🔗 http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html

🔗 http://secunia.com/advisories/62528

🔗 http://secunia.com/advisories/62777

🔗 http://secunia.com/advisories/62895

Vulnerability Description

Affected Platforms (CPE)

Flash Player

Flash Player

Flash Player

Evergreen

Opensuse

Opensuse

Linux Enterprise Desktop

Linux Enterprise Desktop

Linux Enterprise Workstation Extension

Internet Explorer

Internet Explorer

Edge

References & Advisories

Related Vulnerabilities