Lucene search

AdobeCVE-2015-3086

HistoryMay 13, 2015 - 11:00 a.m.

CVE-2015-3086

2015-05-1311:00:17

adobe

web.nvd.nist.gov

cve

adobe flash player

arbitrary code execution

type confusion

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.056

Percentile

93.3%

JSON

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-3077 and CVE-2015-3084.

Affected configurations

Nvd

Node

adobeflash_playerRange≤13.0.0.264

adobeflash_playerMatch14.0.0.125

adobeflash_playerMatch14.0.0.145

adobeflash_playerMatch14.0.0.176

adobeflash_playerMatch14.0.0.179

adobeflash_playerMatch15.0.0.152

adobeflash_playerMatch15.0.0.167

adobeflash_playerMatch15.0.0.189

adobeflash_playerMatch15.0.0.223

adobeflash_playerMatch15.0.0.239

adobeflash_playerMatch15.0.0.246

adobeflash_playerMatch16.0.0.235

adobeflash_playerMatch16.0.0.257

adobeflash_playerMatch16.0.0.287

adobeflash_playerMatch16.0.0.296

adobeflash_playerMatch17.0.0.134

adobeflash_playerMatch17.0.0.169

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeairRange≤17.0.0.144

adobeair_sdkRange≤17.0.0.144

adobeair_sdk_\&_compilerRange≤17.0.0.144

Node

adobeflash_playerRange≤11.2.202.475

AND

linuxlinux_kernelMatch-

VendorProductVersionCPE
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
adobeflash_player14.0.0.125cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
adobeflash_player14.0.0.145cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
adobeflash_player14.0.0.176cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
adobeflash_player14.0.0.179cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
adobeflash_player15.0.0.152cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
adobeflash_player15.0.0.167cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
adobeflash_player15.0.0.189cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*
adobeflash_player15.0.0.223cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*
adobeflash_player15.0.0.239cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
adobe	flash_player	14.0.0.125	cpe:2.3:a:adobe:flash_player:14.0.0.125:::::::*
adobe	flash_player	14.0.0.145	cpe:2.3:a:adobe:flash_player:14.0.0.145:::::::*
adobe	flash_player	14.0.0.176	cpe:2.3:a:adobe:flash_player:14.0.0.176:::::::*
adobe	flash_player	14.0.0.179	cpe:2.3:a:adobe:flash_player:14.0.0.179:::::::*
adobe	flash_player	15.0.0.152	cpe:2.3:a:adobe:flash_player:15.0.0.152:::::::*
adobe	flash_player	15.0.0.167	cpe:2.3:a:adobe:flash_player:15.0.0.167:::::::*
adobe	flash_player	15.0.0.189	cpe:2.3:a:adobe:flash_player:15.0.0.189:::::::*
adobe	flash_player	15.0.0.223	cpe:2.3:a:adobe:flash_player:15.0.0.223:::::::*
adobe	flash_player	15.0.0.239	cpe:2.3:a:adobe:flash_player:15.0.0.239:::::::*