Multiple vulnerabilities in Adobe Flash Player & AIR

Описание

Multiple serious vulnerabilities have been found in Adobe Flash Player & AIR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code.

Below is a complete list of vulnerabilities

1. An unknown vulnerability can be exploited to execute arbitrary code or bypass same origin policy via a specially designed Loader object and other unknown vectors;
2. Improper API implementation can be exploited via an unknown vectors.

---

Technical details

(1) can be exploited via a Loader object with specially designed loaderBytes property.

Первичный источник обнаружения

• Adobe bulletin
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Adobe-Flash-Player-ActiveX
• Adobe-AIR
• Adobe-Flash-Player-NPAPI
• Adobe-Flash-Player-PPAPI

Список CVE

• CVE-2015-7627
  critical
• CVE-2015-7628
  critical
• CVE-2015-7637
  critical
• CVE-2015-7636
  critical
• CVE-2015-7644
  critical
• CVE-2015-7635
  critical
• CVE-2015-5569
  critical
• CVE-2015-7625
  critical
• CVE-2015-7626
  critical
• CVE-2015-7630
  critical
• CVE-2015-7629
  critical
• CVE-2015-7643
  critical
• CVE-2015-7631
  critical
• CVE-2015-7641
  critical
• CVE-2015-7633
  critical
• CVE-2015-7639
  critical
• CVE-2015-7640
  critical
• CVE-2015-7638
  critical
• CVE-2015-7634
  critical
• CVE-2015-7632
  critical
• CVE-2015-7642
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com