KLA10727
Code execution vulnerabilities in Adobe Flash Player and AIR
Обновлено: 17/06/2019
Дата обнаружения
28/12/2015
Уровень угрозы
Critical
Описание

Type confusion, integer overflow, use-after-free and memory corruption vulnerabilities were found in Adobe products. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via an unknown vectors.


Technical details

Exploit for some of these vulnerabilities is being used in limited targeted attacks.

Пораженные продукты

Adobe Flash Player versions earlier than 20.0.0.267
Adobe Flash Player Extended Support Release versions earlier than 18.0.0.324
Adobe Flash Player for Linux versions earlier than 11.2.202.559
Adobe AIR versions earlier than 20.0.0.233

Решение

Update to the latest version
Get Flash Player
Get AIR

Первичный источник обнаружения
Adobe Security bulletin
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
Adobe Flash Player ActiveX
Adobe AIR
Adobe Flash Player NPAPI
Adobe Flash Player PPAPI
CVE-IDS
CVE-2015-86349.3Critical
CVE-2015-84609.3Critical
CVE-2015-86419.3Critical
CVE-2015-86409.3Critical
CVE-2015-86439.3Critical
CVE-2015-86429.3Critical
CVE-2015-86369.3Critical
CVE-2015-86359.3Critical
CVE-2015-86399.3Critical
CVE-2015-86389.3Critical
CVE-2015-86449.3Critical
CVE-2015-86459.3Critical
CVE-2015-845910.0Critical
CVE-2015-86509.3Critical
CVE-2015-86519.3Critical
CVE-2015-86469.3Critical
CVE-2015-86479.3Critical
CVE-2015-86489.3Critical
CVE-2015-86499.3Critical