Lucene search

AdobeCVE-2015-8820

HistoryMar 04, 2016 - 11:59 p.m.

CVE-2015-8820

2016-03-0423:59:08

CWE-787

adobe

web.nvd.nist.gov

cve-2015-8820

adobe flash player

adobe air

arbitrary code execution

denial of service

memory corruption

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.042

Percentile

92.4%

JSON

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658.

Affected configurations

Nvd

Node

adobeflash_playerRange≤11.2.202.548

AND

linuxlinux_kernelMatch-

Node

adobeflash_player_desktop_runtimeRange≤19.0.0.245

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤18.0.0.261esr

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

microsoftwindows_10Match-

microsoftwindows_8Match-

microsoftwindows_8.1Match-

AND

adobeflash_playerRange≤19.0.0.245internet_explorer

Node

adobeflash_playerRange≤19.0.0.245chrome

AND

applemac_os_xMatch-

googlechrome_osMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

microsoftwindows_10Match-

AND

adobeflash_playerRange≤19.0.0.245edge

Node

adobeair_desktop_runtimeRange≤19.0.0.241

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeair_sdkRange≤19.0.0.241

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

Node

adobeair_sdk_\&_compilerRange≤19.0.0.241

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

Node

adobeairRange≤19.0.0.241

AND

googleandroidMatch-

VendorProductVersionCPE
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
adobeflash_player_desktop_runtime*cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*
applemac_os_x-cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
microsoftwindows_8-cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
microsoftwindows_8.1-cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*

Vendor	Product	Version	CPE
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
adobe	flash_player_desktop_runtime	*	cpe:2.3:a:adobe:flash_player_desktop_runtime::::::::
apple	mac_os_x	-	cpe:2.3:o:apple:mac_os_x:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player:::::esr:::*
microsoft	windows_10	-	cpe:2.3:o:microsoft:windows_10:-:::::::*
microsoft	windows_8	-	cpe:2.3:o:microsoft:windows_8:-:::::::*
microsoft	windows_8.1	-	cpe:2.3:o:microsoft:windows_8.1:-:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::internet_explorer::*