Multiple vulnerabilities in Adobe products

Description

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities

1. Type confusion, use-after-free, buffer overflow and memory corruption can be exploited to execute arbitrary code via an unknown vectors;
2. Lack of content validation can be exploited remotely vi a specially designed JSONP API callbacks;
3. An unknown vulnerabilities can be exploited remotely via an unknown vectors to obtain sensitive information.

Original advisories

• Adobe bulletin

Exploitation

Public exploits exist for this vulnerability.

Related products

• Adobe-Flash-Player-ActiveX
• Adobe-AIR
• Adobe-Flash-Player-NPAPI
• Adobe-Flash-Player-PPAPI

CVE list

• CVE-2015-5573
  critical
• CVE-2015-5574
  critical
• CVE-2015-5575
  critical
• CVE-2015-5576
  critical
• CVE-2015-5577
  critical
• CVE-2015-5578
  critical
• CVE-2015-5579
  critical
• CVE-2015-5580
  critical
• CVE-2015-5581
  critical
• CVE-2015-5582
  critical
• CVE-2015-5587
  critical
• CVE-2015-5584
  critical
• CVE-2015-6676
  critical
• CVE-2015-5588
  critical
• CVE-2015-6678
  critical
• CVE-2015-6677
  critical
• CVE-2015-6682
  critical
• CVE-2015-6679
  critical
• CVE-2015-5567
  critical
• CVE-2015-5572
  critical
• CVE-2015-5571
  warning
• CVE-2015-5570
  critical
• CVE-2015-5568
  critical

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com