Kaspersky Threats

Detect date

?

11/10/2015

Severity

?

Critical

Description

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code.

Below is a complete list of vulnerabilities

Type confusion vulnerability can be exploited to execute arbitrary code;
An unknown vulnerability can be exploited to bypass security restrictions;
Multiple use-after-free vulnerabilities could be exploited to execute arbitrary code.

Technical details

Vulnerability (2) can lead to writing some data to the file system with user permissions.

Affected products

Adobe Flash Player versions earlier than 19.0.0.245
Adobe Flash Player Extended Support Release versions earlier than 18.0.0.261
Adobe Flash Player for Linux versions earlier than 11.2.202.548
Adobe AIR versions earlier than 19.0.0.241

Solution

Update to the latest version
Get Flash Player
Get AIR

Original advisories

Adobe bulletin

Impacts

?

ACE

[?]

OSI

[?]

SB

[?]

Detect date ?	11/10/2015
Severity ?	Critical
Description	Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities Type confusion vulnerability can be exploited to execute arbitrary code; An unknown vulnerability can be exploited to bypass security restrictions; Multiple use-after-free vulnerabilities could be exploited to execute arbitrary code. Technical details Vulnerability (2) can lead to writing some data to the file system with user permissions.
Affected products	Adobe Flash Player versions earlier than 19.0.0.245 Adobe Flash Player Extended Support Release versions earlier than 18.0.0.261 Adobe Flash Player for Linux versions earlier than 11.2.202.548 Adobe AIR versions earlier than 19.0.0.241
Solution	Update to the latest version Get Flash Player Get AIR
Original advisories	Adobe bulletin
Impacts ?	ACE [?] OSI [?] SB [?]
Related products	Adobe Flash Player ActiveX Adobe AIR Adobe Flash Player NPAPI Adobe Flash Player PPAPI
CVE-IDS ?	CVE-2015-76569.3Critical CVE-2015-76559.3Critical CVE-2015-76529.3Critical CVE-2015-76619.3Critical CVE-2015-76627.8Critical CVE-2015-76599.3Critical CVE-2015-76519.3Critical CVE-2015-76549.3Critical CVE-2015-76539.3Critical CVE-2015-76579.3Critical CVE-2015-80429.3Critical CVE-2015-76609.3Critical CVE-2015-76589.3Critical
Exploitation	Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
	Find out the statistics of the vulnerabilities spreading in your region

KLA10690Multiple vulnerabilities in Adobe products

KLA10690
Multiple vulnerabilities in Adobe products