Vulnerability CVE-2015-7632: Information

Description

Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property.

Severity: CRITICAL (9.3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-7632
Published: Oct. 15, 2015
Modified: July 1, 2017
Error type identifier: CWE-119

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
adobe-flash-playerp911-alt5432-alt1110ALT-PU-2015-1873-1151389Fixed
adobe-flash-playerc9f211-alt5432-alt117ALT-PU-2015-1873-1151389Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://helpx.adobe.com/security/products/flash-player/apsb15-25.html
  • Patch
  • Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-15-512
    77062
      RHSA-2015:2024
        1033797
          openSUSE-SU-2015:1744
            SUSE-SU-2015:1742
              RHSA-2015:1893
                SUSE-SU-2015:1740
                  openSUSE-SU-2015:1781
                    GLSA-201511-02

                        1. Configuration 1

                          cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
                          Running on/with:
                          cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

                          Configuration 2

                          cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
                          Running on/with:
                          cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

                          Configuration 3

                          cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
                          Running on/with:
                          cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
                          Running on/with:
                          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

                          Configuration 4

                          cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
                          cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
                          cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
                          Running on/with:
                          cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
                          Running on/with:
                          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
                      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                      Version: v24.4.2
                      Back to top