1. Home
  2. CVE Database
  3. CVE-2015-3101
MEDIUM · 4.3

CVE-2015-3101

The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before...

Vulnerability Description

The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, when Internet Explorer is used, allows attackers to perform a transition from Low Integrity to Medium Integrity via unspecified vectors.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
AdobeAir<= 17.0.0.144
GoogleAndroidAll versions
AdobeFlash Player<= 13.0.0.289
AppleMac Os X-
MicrosoftWindows-
AdobeAir Sdk<= 17.0.0.172
AdobeAir Sdk \& Compiler<= 17.0.0.172
LinuxLinux Kernel-

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2015-3101?

CVE-2015-3101 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before...

How severe is CVE-2015-3101?

CVE-2015-3101 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-3101?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Air, Google Android, Adobe Flash Player, Apple Mac Os X, Microsoft Windows.