8.8
CVSSv3

CVE-2015-8652

Published: 04/03/2016 Updated: 21/11/2024

Vulnerability Summary

Adobe Flash Player prior to 18.0.0.268 and 19.x and 20.x prior to 20.0.0.228 on Windows and OS X and prior to 11.2.202.554 on Linux, Adobe AIR prior to 20.0.0.204, Adobe AIR SDK prior to 20.0.0.204, and Adobe AIR SDK & Compiler prior to 20.0.0.204 allow malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash player

adobe flash player desktop runtime

adobe air desktop runtime

adobe air sdk

adobe air sdk & compiler

adobe air

Vendor Advisories

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes multiple security issuesis now available for Red Hat Enterprise Linux 5 and 6 SupplementaryRed Hat Product Security has rated this update as having Critical secur ...