9.3
CVE-2015-7659
- EPSS 6.17%
- Veröffentlicht 11.11.2015 12:59:57
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion" in the NetConnection object implementation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 11.2.202.540
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.17% | 0.926 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://rhn.redhat.com/errata/RHSA-2015-2024.html
https://security.gentoo.org/glsa/201511-02
http://lists.opensuse.org/opensuse-updates/2015-11/msg00071.html
http://rhn.redhat.com/errata/RHSA-2015-2023.html
http://www.securitytracker.com/id/1034111
https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
http://www.securityfocus.com/bid/77534
http://www.zerodayinitiative.com/advisories/ZDI-15-566