Lucene search

AdobeCVE-2015-8459

HistoryDec 28, 2015 - 11:59 p.m.

CVE-2015-8459

2015-12-2823:59:00

CWE-119

adobe

web.nvd.nist.gov

cve

adobe flash player

adobe air

arbitrary code execution

memory corruption

denial of service

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.16

Percentile

96.1%

JSON

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645.

Affected configurations

Nvd

Node

adobeair_sdkRange≤20.0.0.204

adobeair_sdk_\&_compilerRange≤20.0.0.204

AND

appleiphone_os

applemac_os_x

googleandroid

microsoftwindows

Node

adobeairRange≤20.0.0.204

AND

applemac_os_x

googleandroid

microsoftwindows

Node

adobeflash_playerRange≤11.2.202.554

AND

linuxlinux_kernel

Node

adobeflash_playerRange≤18.0.0.268

adobeflash_playerMatch19.0.0.185

adobeflash_playerMatch19.0.0.207

adobeflash_playerMatch19.0.0.226

adobeflash_playerMatch19.0.0.245

adobeflash_playerMatch20.0.0.228

adobeflash_playerMatch20.0.0.235

AND

applemac_os_x

microsoftwindows

VendorProductVersionCPE
adobeair_sdk*cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
adobeair_sdk_\&_compiler*cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
adobeair*cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
adobeflash_player19.0.0.185cpe:2.3:a:adobe:flash_player:19.0.0.185:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	air_sdk	*	cpe:2.3:a:adobe:air_sdk::::::::
adobe	air_sdk_\&_compiler	*	cpe:2.3:a:adobe:air_sdk_\&_compiler::::::::
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
google	android	*	cpe:2.3:o:google:android::::::::
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::
adobe	air	*	cpe:2.3:a:adobe:air::::::::
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
adobe	flash_player	19.0.0.185	cpe:2.3:a:adobe:flash_player:19.0.0.185:::::::*