10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.288 Low
EPSS
Percentile
96.4%
Memory corruption vulnerabilities that could lead to code execution.
Credited to Kai Kang of Tencent’s Xuanwu LAB.
Memory corruption vulnerabilities that could lead to code execution.
Credited to Jie Zeng of Qihoo 360.
Use-after-free vulnerabilities that could lead to code execution.
Credited to Ben Hawkes, Mateusz Jurczyk and Natalie Silvanovich of
Google Project Zero.
Memory corruption vulnerabilities that could lead to code execution.
Credited to Ben Hawkes, Mateusz Jurczyk and Natalie Silvanovich of
Google Project Zero.
Use-after-free vulnerabilities that could lead to code execution.
Credited to Anonymous working with HP’s Zero Day Initiative.
Use-after-free vulnerabilities that could lead to code execution.
Credited to Yuki Chen of Qihoo 360 Vulcan Team.
Type confusion vulnerability that could lead to code execution. Credited
to Natalie Silvanovich of Google Project Zero.
Memory corruption vulnerabilities that could lead to code execution.
Credited to Jaehun Jeong (@n3sk) of WINS, WSEC Analysis Team working
with Chromium Vulnerability Reward Program.
Use-after-free vulnerabilities that could lead to code execution.
Credited to Anonymous working with HP’s Zero Day Initiative.
Integer overflow vulnerability that could lead to code execution.
Credited to Kai Wang and Hunter Gao of Huawei’s IT Infrastructure &
Security Dept, BPIT&QM.
Adobe is aware of a report that an exploit for CVE-2015-8651 is being
used in limited, targeted attacks.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | flashplugin | < 11.2.202.559-1 | UNKNOWN |
any | any | any | lib32-flashplugin | < 11.2.202.559-1 | UNKNOWN |
access.redhat.com/security/cve/CVE-2015-8459
access.redhat.com/security/cve/CVE-2015-8460
access.redhat.com/security/cve/CVE-2015-8634
access.redhat.com/security/cve/CVE-2015-8635
access.redhat.com/security/cve/CVE-2015-8636
access.redhat.com/security/cve/CVE-2015-8638
access.redhat.com/security/cve/CVE-2015-8639
access.redhat.com/security/cve/CVE-2015-8640
access.redhat.com/security/cve/CVE-2015-8641
access.redhat.com/security/cve/CVE-2015-8642
access.redhat.com/security/cve/CVE-2015-8643
access.redhat.com/security/cve/CVE-2015-8644
access.redhat.com/security/cve/CVE-2015-8645
access.redhat.com/security/cve/CVE-2015-8646
access.redhat.com/security/cve/CVE-2015-8647
access.redhat.com/security/cve/CVE-2015-8648
access.redhat.com/security/cve/CVE-2015-8649
access.redhat.com/security/cve/CVE-2015-8650
access.redhat.com/security/cve/CVE-2015-8651
helpx.adobe.com/security/products/flash-player/apsb16-01.html
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.288 Low
EPSS
Percentile
96.4%