Kaspersky Threats

KLA10690
Multiple vulnerabilities in Adobe products

Обновлено: 18/06/2020

Дата обнаружения	10/11/2015
Уровень угрозы	Critical
Описание	Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities Type confusion vulnerability can be exploited to execute arbitrary code; An unknown vulnerability can be exploited to bypass security restrictions; Multiple use-after-free vulnerabilities could be exploited to execute arbitrary code. Technical details Vulnerability (2) can lead to writing some data to the file system with user permissions.
Пораженные продукты	Adobe Flash Player versions earlier than 19.0.0.245 Adobe Flash Player Extended Support Release versions earlier than 18.0.0.261 Adobe Flash Player for Linux versions earlier than 11.2.202.548 Adobe AIR versions earlier than 19.0.0.241
Решение	Update to the latest version Get Flash Player Get AIR
Первичный источник обнаружения	Adobe bulletin
Оказываемое влияние ?	ACE [?] OSI [?] SB [?]
Связанные продукты	Adobe Flash Player ActiveX Adobe AIR Adobe Flash Player NPAPI Adobe Flash Player PPAPI
CVE-IDS	CVE-2015-76569.3Critical CVE-2015-76559.3Critical CVE-2015-804310.0Critical CVE-2015-804410.0Critical CVE-2015-766310.0Critical CVE-2015-76529.3Critical CVE-2015-76619.3Critical CVE-2015-76627.8Critical CVE-2015-76599.3Critical CVE-2015-76519.3Critical CVE-2015-76549.3Critical CVE-2015-76539.3Critical CVE-2015-804610.0Critical CVE-2015-76579.3Critical CVE-2015-80429.3Critical CVE-2015-76609.3Critical CVE-2015-76589.3Critical
Эксплуатация	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/39020 https://www.exploit-db.com/exploits/39019 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.