Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2015-8043

Published: 11/11/2015 Updated: 01/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Air

Vulnerability Summary

Use-after-free vulnerability in Adobe Flash Player prior to 18.0.0.261 and 19.x prior to 19.0.0.245 on Windows and OS X and prior to 11.2.202.548 on Linux, Adobe AIR prior to 19.0.0.241, Adobe AIR SDK prior to 19.0.0.241, and Adobe AIR SDK & Compiler prior to 19.0.0.241 allows malicious users to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8044, and CVE-2015-8046.

Vulnerable Product Search on Vulmon Subscribe to Product

adobe air

adobe air_sdk

adobe air_sdk_\\&_compiler

adobe flash_player

adobe flash_player 19.0.0.207

adobe flash_player 19.0.0.185

adobe flash_player 19.0.0.226

Vendor Advisories

Red Hat: CVE-2015-8043
Use-after-free vulnerability in Adobe Flash Player before 1800261 and 19x before 1900245 on Windows and OS X and before 112202548 on Linux, Adobe AIR before 1900241, Adobe AIR SDK before 1900241, and Adobe AIR SDK & Compiler before 1900241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnera ...

Exploits

Exploit DB: Adobe Flash GradientFill - Use-After-Frees
Source: codegooglecom/p/google-security-research/issues/detail?id=557 There are a number of use-after-free vulnerabilities in MovieClipbeginGradientFill If the spreadMethod or any other string parameter is an object with toString defined, this method can free the MovieClip, which is then used Note that many parameters to this function ...

References

NVD-CWE-Otherhttps://helpx.adobe.com/security/products/flash-player/apsb15-28.htmlhttp://www.securityfocus.com/bid/77533http://rhn.redhat.com/errata/RHSA-2015-2024.htmlhttp://rhn.redhat.com/errata/RHSA-2015-2023.htmlhttp://lists.opensuse.org/opensuse-updates/2015-11/msg00071.htmlhttp://www.securitytracker.com/id/1034111https://security.gentoo.org/glsa/201511-02https://nvd.nist.govhttps://www.exploit-db.com/exploits/39022/https://access.redhat.com/security/cve/cve-2015-8043
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook