Adobe Flash Player prior to 13.0.0.289 and 14.x up to and including 17.x prior to 17.0.0.188 on Windows and OS X and prior to 11.2.202.460 on Linux, Adobe AIR prior to 17.0.0.172, Adobe AIR SDK prior to 17.0.0.172, and Adobe AIR SDK & Compiler prior to 17.0.0.172 do not properly restrict discovery of memory addresses, which allows malicious users to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3092.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
adobe flash player |
||
adobe flash player 14.0.0.125 |
||
adobe flash player 14.0.0.145 |
||
adobe flash player 14.0.0.176 |
||
adobe flash player 14.0.0.179 |
||
adobe flash player 15.0.0.152 |
||
adobe flash player 15.0.0.167 |
||
adobe flash player 15.0.0.189 |
||
adobe flash player 15.0.0.223 |
||
adobe flash player 15.0.0.239 |
||
adobe flash player 15.0.0.246 |
||
adobe flash player 16.0.0.235 |
||
adobe flash player 16.0.0.257 |
||
adobe flash player 16.0.0.287 |
||
adobe flash player 16.0.0.296 |
||
adobe flash player 17.0.0.134 |
||
adobe flash player 17.0.0.169 |
||
adobe air sdk |
||
adobe air |
||
adobe air sdk & compiler |
Vulmon