CVE-2015-0310

CISA description

Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.

Required action

The impacted product is end-of-life and should be disconnected if still in use.

Notes & references

• https://nvd.nist.gov/vuln/detail/CVE-2015-0310

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

• RA-5 · Vulnerability Monitoring and Scanning
• SI-2 · Flaw Remediation
• CM-6 · Configuration Settings
• SI-7 · Software, Firmware, and Information Integrity
• CM-8 · System Component Inventory

External lookups

• NVD · CVE-2015-0310
• CVE.org · CVE-2015-0310
• CISA KEV catalog (canonical)