Lucene search

AdobeCVE-2015-8409

HistoryDec 10, 2015 - 5:59 a.m.

CVE-2015-8409

2015-12-1005:59:31

adobe

web.nvd.nist.gov

cve-2015-8409

adobe flash player

adobe air

bypass access restrictions

security vulnerability

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.5

Confidence

High

EPSS

0.439

Percentile

97.4%

JSON

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-8440 and CVE-2015-8453.

Affected configurations

Nvd

Node

adobeair_sdkRange≤19.0.0.241

adobeair_sdk_\&_compilerRange≤19.0.0.241

AND

appleiphone_os

applemac_os_x

googleandroid

microsoftwindows

Node

adobeflash_playerRange≤18.0.0.261

adobeflash_playerMatch19.0.0.185

adobeflash_playerMatch19.0.0.207

adobeflash_playerMatch19.0.0.226

adobeflash_playerMatch19.0.0.245

AND

applemac_os_x

microsoftwindows

Node

adobeairRange≤19.0.0.241

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange≤11.2.202.548

AND

linuxlinux_kernel

VendorProductVersionCPE
adobeair_sdk*cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
adobeair_sdk_\&_compiler*cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
adobeflash_player19.0.0.185cpe:2.3:a:adobe:flash_player:19.0.0.185:*:*:*:*:*:*:*
adobeflash_player19.0.0.207cpe:2.3:a:adobe:flash_player:19.0.0.207:*:*:*:*:*:*:*
adobeflash_player19.0.0.226cpe:2.3:a:adobe:flash_player:19.0.0.226:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	air_sdk	*	cpe:2.3:a:adobe:air_sdk::::::::
adobe	air_sdk_\&_compiler	*	cpe:2.3:a:adobe:air_sdk_\&_compiler::::::::
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
google	android	*	cpe:2.3:o:google:android::::::::
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
adobe	flash_player	19.0.0.185	cpe:2.3:a:adobe:flash_player:19.0.0.185:::::::*
adobe	flash_player	19.0.0.207	cpe:2.3:a:adobe:flash_player:19.0.0.207:::::::*
adobe	flash_player	19.0.0.226	cpe:2.3:a:adobe:flash_player:19.0.0.226:::::::*