Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-nz4m-afmk-fbfy
Summary
Multiple vulnerabilities have been found in Adobe Flash Player, the
    worst of which allows remote attackers to execute arbitrary code.
Aliases
0
alias CVE-2015-3113
Fixed_packages
0
url pkg:ebuild/www-plugins/adobe-flash@11.2.202.481
purl pkg:ebuild/www-plugins/adobe-flash@11.2.202.481
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-plugins/adobe-flash@11.2.202.481
Affected_packages
0
url pkg:rpm/redhat/flash-plugin@11.2.202.468-1?arch=el6_6
purl pkg:rpm/redhat/flash-plugin@11.2.202.468-1?arch=el6_6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nz4m-afmk-fbfy
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.468-1%3Farch=el6_6
1
url pkg:rpm/redhat/flash-plugin@11.2.202.468-1?arch=el5
purl pkg:rpm/redhat/flash-plugin@11.2.202.468-1?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nz4m-afmk-fbfy
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.468-1%3Farch=el5
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3113.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3113.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3113
reference_id
reference_type
scores
0
value 0.9242
scoring_system epss
scoring_elements 0.99727
published_at 2026-04-01T12:55:00Z
1
value 0.9242
scoring_system epss
scoring_elements 0.99729
published_at 2026-04-13T12:55:00Z
2
value 0.9242
scoring_system epss
scoring_elements 0.9973
published_at 2026-04-18T12:55:00Z
3
value 0.9242
scoring_system epss
scoring_elements 0.99732
published_at 2026-04-21T12:55:00Z
4
value 0.9242
scoring_system epss
scoring_elements 0.99733
published_at 2026-04-24T12:55:00Z
5
value 0.9242
scoring_system epss
scoring_elements 0.99735
published_at 2026-04-26T12:55:00Z
6
value 0.92426
scoring_system epss
scoring_elements 0.99729
published_at 2026-04-04T12:55:00Z
7
value 0.92426
scoring_system epss
scoring_elements 0.99731
published_at 2026-04-11T12:55:00Z
8
value 0.92426
scoring_system epss
scoring_elements 0.9973
published_at 2026-04-09T12:55:00Z
9
value 0.92426
scoring_system epss
scoring_elements 0.99728
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3113
2
reference_url http://www.securitytracker.com/id/1032696
reference_id 1032696
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url http://www.securitytracker.com/id/1032696
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1235036
reference_id 1235036
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1235036
4
reference_url http://www.securityfocus.com/bid/75371
reference_id 75371
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url http://www.securityfocus.com/bid/75371
5
reference_url https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
reference_id apsb15-14.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
6
reference_url https://www.suse.com/security/cve/CVE-2015-3113.html
reference_id CVE-2015-3113.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url https://www.suse.com/security/cve/CVE-2015-3113.html
7
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
reference_id docDisplay?docId=emr_na-c04952467
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
8
reference_url https://security.gentoo.org/glsa/201507-13
reference_id GLSA-201507-13
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url https://security.gentoo.org/glsa/201507-13
9
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html
reference_id msg00002.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html
10
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html
reference_id msg00020.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html
11
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html
12
reference_url https://access.redhat.com/errata/RHSA-2015:1184
reference_id RHSA-2015:1184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1184
13
reference_url http://rhn.redhat.com/errata/RHSA-2015-1184.html
reference_id RHSA-2015-1184.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-1184.html
14
reference_url https://bugzilla.suse.com/show_bug.cgi?id=935701
reference_id show_bug.cgi?id=935701
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:56:07Z/
url https://bugzilla.suse.com/show_bug.cgi?id=935701
Weaknesses
Exploits
0
date_added 2015-07-08
description Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2015-07-08
exploit_type remote
platform multiple
source_date_updated 2017-04-01
data_source Exploit-DB
source_url
1
date_added 2022-04-13
description Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.
required_action The impacted product is end-of-life and should be disconnected if still in use.
due_date 2022-05-04
notes https://nvd.nist.gov/vuln/detail/CVE-2015-3113
known_ransomware_campaign_use false
source_date_published null
exploit_type null
platform null
source_date_updated null
data_source KEV
source_url null
2
date_added null
description 
This module exploits a buffer overflow on Adobe Flash Player when handling nellymoser
          encoded audio inside a FLV video, as exploited in the wild on June 2015. This module
          has been tested successfully on:

          Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.160,
          Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.160,
          Windows 8.1, Firefox 38.0.5 and Adobe Flash 18.0.0.160,
          Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.466, and
          Ubuntu 14.04.2 LTS, Firefox 35.01, and Adobe Flash 11.2.202.466.

          Note that this exploit is effective against both CVE-2015-3113 and the
          earlier CVE-2015-3043, since CVE-2015-3113 is effectively a regression
          to the same root cause as CVE-2015-3043.
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2015-06-23
exploit_type null
platform Linux,Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
Severity_range_score7.8 - 7.8
Exploitability2.0
Weighted_severity7.0
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-nz4m-afmk-fbfy