Vulnerability CVE-2015-6677: Information

Description

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-5588.

Severity: CRITICAL (10.0)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-6677

Published: Sept. 22, 2015

Modified: Feb. 17, 2017

Error type identifier: CWE-119

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
adobe-flash-player	p9	11-alt53	32-alt1110	ALT-PU-2015-1803-1	150378	Fixed
adobe-flash-player	c9f2	11-alt53	32-alt117	ALT-PU-2015-1803-1	150378	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://helpx.adobe.com/security/products/flash-player/apsb15-23.html	Patch Vendor Advisory
76799
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841
GLSA-201509-07
openSUSE-SU-2015:1781
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
1033629
RHSA-2015:1814
SUSE-SU-2015:1618
openSUSE-SU-2015:1616
SUSE-SU-2015:1614
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Affected configurations:
1. Configuration 1
  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
  cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:17.0.0.134:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:17.0.0.169:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:17.0.0.190:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:17.0.0.191:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:18.0.0.160:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:18.0.0.194:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:18.0.0.209:*:*:*:*:*:*:*
  cpe:2.3:a:adobe:flash_player:18.0.0.232:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Version: v24.4.2

Vulnerability CVE-2015-6677: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4