Unrated severityNVD Advisory· Published Apr 14, 2015· Updated May 6, 2026

CVE-2015-0353

Description

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Adobe Flash Player memory corruption vulnerability allows arbitrary code execution or denial of service via unspecified vectors, affecting multiple versions.

Vulnerability

CVE-2015-0353 is a memory corruption vulnerability in Adobe Flash Player affecting versions before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X, and before 11.2.202.457 on Linux [1][2]. The vulnerability is triggered via unspecified vectors, likely through crafted SWF content.

Exploitation

An attacker can exploit this vulnerability by convincing a user to open a malicious Flash file or visit a website hosting such content. No authentication or special privileges are required; user interaction is necessary [1][2].

Impact

Successful exploitation could lead to arbitrary code execution in the context of the affected user or denial of service due to memory corruption. This could result in full system compromise [1][2].

Mitigation

Adobe released updates to address this issue: version 17.0.0.169 for Windows and OS X, and version 11.2.202.457 for Linux. Red Hat and Gentoo advisories recommend updating Flash Player to the patched versions [1][2].

References

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Adobe Inc./Flashplayer17 versions
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=11.2.202.451
- cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:17.0.0.134:*:*:*:*:*:*:*
- (no CPE)range: <13.0.0.281, >=14.0 <17.0.0.169
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Desktop Supplementary2 versions
cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server Supplementary2 versions
cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server Supplementary Eus
cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Workstation Supplementary
cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Desktop2 versions
cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
SUSE S.A./Suse Linux Workstation Extension
cpe:2.3:o:suse:suse_linux_workstation_extension:12.0:*:*:*:*:*:*:*
osv-coords2 versions
pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012 pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012
< 11.2.202.457-80.1+ 1 more
- (no CPE)range: < 11.2.202.457-80.1
- (no CPE)range: < 11.2.202.457-80.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

helpx.adobe.com/security/products/flash-player/apsb15-06.htmlnvdPatchVendor Advisory
lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.htmlnvdThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.htmlnvdThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.htmlnvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2015-0813.htmlnvdThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.htmlnvd
www.securityfocus.com/bid/74062nvd
www.securitytracker.com/id/1032105nvd
security.gentoo.org/glsa/201504-07nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000