Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2015-8410

Published: 10/12/2015 Updated: 10/09/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Adobe

Vulnerability Summary

Use-after-free vulnerability in Adobe Flash Player prior to 18.0.0.268 and 19.x and 20.x prior to 20.0.0.228 on Windows and OS X and prior to 11.2.202.554 on Linux, Adobe AIR prior to 20.0.0.204, Adobe AIR SDK prior to 20.0.0.204, and Adobe AIR SDK & Compiler prior to 20.0.0.204 allows malicious users to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash_player 19.0.0.185

adobe flash_player

adobe flash_player 19.0.0.226

adobe flash_player 19.0.0.207

adobe flash_player 19.0.0.245

adobe air_sdk_\\&_compiler

adobe air_sdk

adobe air

Vendor Advisories

Red Hat: Critical: flash-plugin security update
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes multiple security issuesis now available for Red Hat Enterprise Linux 5 and 6 SupplementaryRed Hat Product Security has rated this update as having Critical secur ...

Exploits

Exploit DB: Adobe Flash MovieClip.attachBitmap - Use-After-Free
Source: codegooglecom/p/google-security-research/issues/detail?id=593 There is a use-after-free in MovieClipattachBitmap If the depth parameter is an object with valueOf defined, this method can free the MovieClip, which is then used A minimal PoC follows: thiscreateEmptyMovieClip("mc", 1); var b = new flashdisplayBitmapData(100, ...

References

NVD-CWE-Otherhttps://helpx.adobe.com/security/products/flash-player/apsb15-32.htmlhttp://www.securityfocus.com/bid/78715https://security.gentoo.org/glsa/201601-03http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.htmlhttp://www.securitytracker.com/id/1034318http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.htmlhttps://www.exploit-db.com/exploits/39040/https://access.redhat.com/errata/RHSA-2015:2593https://nvd.nist.govhttps://www.exploit-db.com/exploits/39040/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-47626CVE-2024-3400physicalCVE-2024-31426CVE-2024-22423CVE-2024-22438injectlocal usersCVE-2024-3797
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook