Description Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
Severity: CRITICAL (9.3)
Published: Jan. 14, 2015
Modified: Sept. 8, 2017
Fixed packages References to Advisories, Solutions, and Tools Affected configurations: cpe:2.3:a:adobe:adobe_air_sdk_and_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:android:*:*
cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.144:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.238:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:16.0.0.234:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*