Vulnerability CVE-2015-8646: Information

Description

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-8646
Published: Dec. 29, 2015
Modified: Feb. 17, 2017

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
adobe-flash-playerp911-alt5832-alt1110ALT-PU-2015-2208-1155485Fixed
adobe-flash-playerc9f211-alt5832-alt117ALT-PU-2015-2208-1155485Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
  • Patch
  • Vendor Advisory
79701
    SUSE-SU-2015:2402
      openSUSE-SU-2015:2403
        GLSA-201601-03
          SUSE-SU-2015:2401
            RHSA-2015:2697
              openSUSE-SU-2015:2400
                1034544
                  https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
                    https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
                      https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

                          1. Configuration 1

                            cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

                            Configuration 2

                            cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
                            cpe:2.3:a:adobe:flash_player:19.0.0.185:*:*:*:*:*:*:*
                            cpe:2.3:a:adobe:flash_player:19.0.0.207:*:*:*:*:*:*:*
                            cpe:2.3:a:adobe:flash_player:19.0.0.226:*:*:*:*:*:*:*
                            cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:*:*:*
                            cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:*:*:*
                            cpe:2.3:a:adobe:flash_player:20.0.0.235:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

                            Configuration 3

                            cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
                            cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

                            Configuration 4

                            cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
                            Running on/with:
                            cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
                        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                        Version: v24.4.2
                        Back to top