CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
99.1%
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code.
Below is a complete list of vulnerabilities
Technical details
Vulnerability (4) related to toString call.
Vulnerability (5) can be triggered via leveraging type confusion during getRemote call.
Vulnerability (6) can be exploited via large BitmapData.
To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel
Public exploits exist for this vulnerability.
CVE-2015-8050 critical
CVE-2015-8442 critical
CVE-2015-8064 critical
CVE-2015-8065 critical
CVE-2015-8069 critical
CVE-2015-8068 critical
CVE-2015-8067 critical
CVE-2015-8066 critical
CVE-2015-8402 critical
CVE-2015-8401 critical
CVE-2015-8071 critical
CVE-2015-8070 critical
CVE-2015-8404 critical
CVE-2015-8403 critical
CVE-2015-8047 critical
CVE-2015-8045 critical
CVE-2015-8049 critical
CVE-2015-8048 critical
CVE-2015-8443 critical
CVE-2015-8444 critical
CVE-2015-8428 critical
CVE-2015-8439 critical
CVE-2015-8440 critical
CVE-2015-8441 critical
CVE-2015-8456 critical
CVE-2015-8435 critical
CVE-2015-8436 critical
CVE-2015-8437 critical
CVE-2015-8438 critical
CVE-2015-8431 critical
CVE-2015-8424 critical
CVE-2015-8423 critical
CVE-2015-8420 critical
CVE-2015-8419 critical
CVE-2015-8422 critical
CVE-2015-8421 critical
CVE-2015-8416 critical
CVE-2015-8415 critical
CVE-2015-8418 critical
CVE-2015-8417 critical
CVE-2015-8062 critical
CVE-2015-8405 critical
CVE-2015-8406 critical
CVE-2015-8407 critical
CVE-2015-8408 critical
CVE-2015-8409 critical
CVE-2015-8410 critical
CVE-2015-8411 critical
CVE-2015-8412 critical
CVE-2015-8413 critical
CVE-2015-8414 critical
CVE-2015-8060 critical
CVE-2015-8061 critical
CVE-2015-8058 critical
CVE-2015-8059 critical
CVE-2015-8063 critical
CVE-2015-8057 critical
CVE-2015-8055 critical
CVE-2015-8454 critical
CVE-2015-8453 warning
CVE-2015-8452 critical
CVE-2015-8451 critical
CVE-2015-8450 critical
CVE-2015-8449 critical
CVE-2015-8448 critical
CVE-2015-8447 critical
CVE-2015-8446 critical
CVE-2015-8445 critical
CVE-2015-8427 critical
CVE-2015-8457 critical
CVE-2015-8425 critical
CVE-2015-8426 critical
CVE-2015-8056 critical
CVE-2015-8432 critical
CVE-2015-8429 critical
CVE-2015-8430 critical
CVE-2015-8433 critical
CVE-2015-8434 critical
CVE-2015-8455 critical
Update to the latest versionGet AIR
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
helpx.adobe.com/security/products/flash-player/apsb15-32.html
statistics.securelist.com/
threats.kaspersky.com/en/product/Adobe-AIR/
threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/
threats.kaspersky.com/en/product/Adobe-Flash-Player-NPAPI/
threats.kaspersky.com/en/product/Adobe-Flash-Player-PPAPI/