Lucene search

AdobeCVE-2015-8636

HistoryDec 28, 2015 - 11:59 p.m.

CVE-2015-8636

2015-12-2823:59:04

CWE-119

adobe

web.nvd.nist.gov

cve-2015-8636

adobe flash player

adobe air

memory corruption

arbitrary code

denial of service

nvd

vulnerability

security

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.16

Percentile

96.1%

JSON

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8645.

Affected configurations

Nvd

Node

adobeairRange≤20.0.0.204

AND

applemac_os_x

googleandroid

microsoftwindows

Node

adobeflash_playerRange≤18.0.0.268

adobeflash_playerMatch19.0.0.185

adobeflash_playerMatch19.0.0.207

adobeflash_playerMatch19.0.0.226

adobeflash_playerMatch19.0.0.245

adobeflash_playerMatch20.0.0.228

adobeflash_playerMatch20.0.0.235

AND

applemac_os_x

microsoftwindows

Node

adobeair_sdkRange≤20.0.0.204

adobeair_sdk_\&_compilerRange≤20.0.0.204

AND

appleiphone_os

applemac_os_x

googleandroid

microsoftwindows

Node

adobeflash_playerRange≤11.2.202.554

AND

linuxlinux_kernel

VendorProductVersionCPE
adobeair*cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
adobeflash_player19.0.0.185cpe:2.3:a:adobe:flash_player:19.0.0.185:*:*:*:*:*:*:*
adobeflash_player19.0.0.207cpe:2.3:a:adobe:flash_player:19.0.0.207:*:*:*:*:*:*:*
adobeflash_player19.0.0.226cpe:2.3:a:adobe:flash_player:19.0.0.226:*:*:*:*:*:*:*
adobeflash_player19.0.0.245cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:*:*:*
adobeflash_player20.0.0.228cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	air	*	cpe:2.3:a:adobe:air::::::::
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
google	android	*	cpe:2.3:o:google:android::::::::
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
adobe	flash_player	19.0.0.185	cpe:2.3:a:adobe:flash_player:19.0.0.185:::::::*
adobe	flash_player	19.0.0.207	cpe:2.3:a:adobe:flash_player:19.0.0.207:::::::*
adobe	flash_player	19.0.0.226	cpe:2.3:a:adobe:flash_player:19.0.0.226:::::::*
adobe	flash_player	19.0.0.245	cpe:2.3:a:adobe:flash_player:19.0.0.245:::::::*
adobe	flash_player	20.0.0.228	cpe:2.3:a:adobe:flash_player:20.0.0.228:::::::*