9.3

CVE-2015-8634

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Version <= 18.0.0.268
   ApplemacOS X
   MicrosoftWindows
AdobeFlash Player Version19.0.0.185
   ApplemacOS X
   MicrosoftWindows
AdobeFlash Player Version19.0.0.207
   ApplemacOS X
   MicrosoftWindows
AdobeFlash Player Version19.0.0.226
   ApplemacOS X
   MicrosoftWindows
AdobeFlash Player Version19.0.0.245
   ApplemacOS X
   MicrosoftWindows
AdobeFlash Player Version20.0.0.228
   ApplemacOS X
   MicrosoftWindows
AdobeFlash Player Version20.0.0.235
   ApplemacOS X
   MicrosoftWindows
AdobeAir Sdk Version <= 20.0.0.204
   AppleiPhone OS
   ApplemacOS X
   GoogleAndroid
   MicrosoftWindows
AdobeFlash Player Version <= 11.2.202.554
   LinuxLinux Kernel
AdobeAir Version <= 20.0.0.204
   ApplemacOS X
   GoogleAndroid
   MicrosoftWindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 26.63% 0.978
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html
http://rhn.redhat.com/errata/RHSA-2015-2697.html
http://www.securitytracker.com/id/1034544
https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/79701
https://www.exploit-db.com/exploits/39221/