ID CVE-2015-5564 Type cve Reporter NVD Modified 2018-01-04T21:30:16
Description
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565.
{"id": "CVE-2015-5564", "bulletinFamily": "NVD", "title": "CVE-2015-5564", "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565.", "published": "2015-08-13T21:59:50", "modified": "2018-01-04T21:30:16", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5564", "reporter": "NVD", "references": ["https://security.gentoo.org/glsa/201508-01", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "http://www.securitytracker.com/id/1033235", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "http://rhn.redhat.com/errata/RHSA-2015-1603.html", "http://www.securityfocus.com/bid/76288", "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"], "cvelist": ["CVE-2015-5564"], "type": "cve", "lastseen": "2018-01-05T11:51:46", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:adobe:air_sdk:18.0.0.180", "cpe:/a:adobe:air_sdk_%26_compiler:18.0.0.180", "cpe:/a:adobe:flash_player:18.0.0.209", "cpe:/a:adobe:air:18.0.0.180", "cpe:/a:adobe:flash_player:11.2.202.491"], "cvelist": ["CVE-2015-5564"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565.", "edition": 3, "enchantments": {"score": {"modified": "2017-09-21T17:49:44", "value": 6.0}}, "hash": "b7b0be797a128b7a62f56b714a71058caca6d8ed8aaf65b0616630a3eb4bde7a", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "227202c8fc9fd4e1b4d7b2f869b33b23", "key": "href"}, {"hash": "c819151318f814c88b09e056aa9022c0", "key": "references"}, {"hash": "54a865e48788fbb7389292e97e3f4fd2", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "4ade4403c16544288b7929922380c732", "key": "published"}, {"hash": "132f6493a7a0d47c8732b83673e63a26", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "66ab4e770ed0f7956b7c80f22af57bef", "key": "title"}, {"hash": "cdddc339a84e44e33deaffb00306a55e", "key": "description"}, {"hash": "e4da2de04267fe253370b0553782b3d4", "key": "modified"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5564", "id": "CVE-2015-5564", "lastseen": "2017-09-21T17:49:44", "modified": "2017-09-20T21:29:12", "objectVersion": "1.3", "published": "2015-08-13T21:59:50", "references": ["https://security.gentoo.org/glsa/201508-01", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "http://www.securitytracker.com/id/1033235", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "http://www.securityfocus.com/bid/76288", "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"], "reporter": "NVD", "scanner": [], "title": "CVE-2015-5564", "type": "cve", "viewCount": 2}, "differentElements": ["references", "modified"], "edition": 3, "lastseen": "2017-09-21T17:49:44"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:adobe:air_sdk:18.0.0.180", "cpe:/a:adobe:air_sdk_%26_compiler:18.0.0.180", "cpe:/a:adobe:flash_player:18.0.0.209", "cpe:/a:adobe:air:18.0.0.180", "cpe:/a:adobe:flash_player:11.2.202.491"], "cvelist": ["CVE-2015-5564"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565.", "edition": 2, "enchantments": {}, "hash": "63de95e0eef6c3f5a5edd3ee893f22fe833ceb377c093c56d5f669328034a25e", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "227202c8fc9fd4e1b4d7b2f869b33b23", "key": "href"}, {"hash": "1e23827419bd7e11c1ea75307cbdbaa4", "key": "modified"}, {"hash": "d8facb4e47404f7d8e5cd18d841a6658", "key": "references"}, {"hash": "54a865e48788fbb7389292e97e3f4fd2", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "4ade4403c16544288b7929922380c732", "key": "published"}, {"hash": "132f6493a7a0d47c8732b83673e63a26", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "66ab4e770ed0f7956b7c80f22af57bef", "key": "title"}, {"hash": "cdddc339a84e44e33deaffb00306a55e", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5564", "id": "CVE-2015-5564", "lastseen": "2017-04-18T15:57:35", "modified": "2017-02-16T21:59:02", "objectVersion": "1.2", "published": "2015-08-13T21:59:50", "references": ["https://security.gentoo.org/glsa/201508-01", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "http://www.securityfocus.com/bid/76288", "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"], "reporter": "NVD", "scanner": [], "title": "CVE-2015-5564", "type": "cve", "viewCount": 1}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-04-18T15:57:35"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:adobe:air_sdk:18.0.0.180", "cpe:/a:adobe:air_sdk_%26_compiler:18.0.0.180", "cpe:/a:adobe:flash_player:18.0.0.209", "cpe:/a:adobe:air:18.0.0.180", "cpe:/a:adobe:flash_player:11.2.202.491"], "cvelist": ["CVE-2015-5564"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565.", "edition": 1, "hash": "03bb00bc1748dbed7498aed1c5831e97ee6615a719d77ef1919d24f38854367e", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "227202c8fc9fd4e1b4d7b2f869b33b23", "key": "href"}, {"hash": "54a865e48788fbb7389292e97e3f4fd2", "key": "cpe"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "4ade4403c16544288b7929922380c732", "key": "published"}, {"hash": "e8ed6a942c4e67980229b718a772b29b", "key": "modified"}, {"hash": "132f6493a7a0d47c8732b83673e63a26", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6c5aa7009bb32799c39519f328b60b37", "key": "references"}, {"hash": "66ab4e770ed0f7956b7c80f22af57bef", "key": "title"}, {"hash": "cdddc339a84e44e33deaffb00306a55e", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5564", "id": "CVE-2015-5564", "lastseen": "2016-09-03T22:54:48", "modified": "2015-08-14T16:22:07", "objectVersion": "1.2", "published": "2015-08-13T21:59:50", "references": ["https://helpx.adobe.com/security/products/flash-player/apsb15-19.html"], "reporter": "NVD", "scanner": [], "title": "CVE-2015-5564", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T22:54:48"}], "edition": 4, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "54a865e48788fbb7389292e97e3f4fd2"}, {"key": "cvelist", "hash": "132f6493a7a0d47c8732b83673e63a26"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "cdddc339a84e44e33deaffb00306a55e"}, {"key": "href", "hash": "227202c8fc9fd4e1b4d7b2f869b33b23"}, {"key": "modified", "hash": "d1e2347e223552f31bdab67c59217285"}, {"key": "published", "hash": "4ade4403c16544288b7929922380c732"}, {"key": "references", "hash": "e157dc8e4790181e5b3a16e911b22166"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "66ab4e770ed0f7956b7c80f22af57bef"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "f5721def4a3e6f7bb646d65dc49eb52d8b8b087bef6c1ba1193818840a0a9dcd", "viewCount": 2, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:adobe:air_sdk:18.0.0.180", "cpe:/a:adobe:air_sdk_%26_compiler:18.0.0.180", "cpe:/a:adobe:flash_player:18.0.0.209", "cpe:/a:adobe:air:18.0.0.180", "cpe:/a:adobe:flash_player:11.2.202.491"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"nessus": [{"id": "GENTOO_GLSA-201508-01.NASL", "type": "nessus", "title": "GLSA-201508-01 : Adobe Flash Player: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201508-01 (Adobe Flash Player: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Adobe Flash Player.\n Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.\n Workaround :\n\n There is no known workaround at this time.", "published": "2015-09-23T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=86089", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5965", "CVE-2015-5563", "CVE-2015-5123", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5122", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:41:25"}, {"id": "ADOBE_AIR_APSB15-19.NASL", "type": "nessus", "title": "Adobe AIR <= 18.0.0.180 Multiple Vulnerabilities (APSB15-19)", "description": "According to its version, the installation of Adobe AIR on the remote Windows host is equal or prior to 18.0.0.180. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)\n\n - An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)\n\n - Multiple user-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566) \n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2015-5129, CVE-2015-5541)\n\n - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133) \n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)\n\n - An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)", "published": "2015-08-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85325", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:43:05"}, {"id": "MACOSX_FLASH_PLAYER_APSB15-19.NASL", "type": "nessus", "title": "Adobe Flash Player <= 18.0.0.209 Multiple Vulnerabilities (APSB15-19) (Mac OS X)", "description": "The version of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to version 18.0.0.209. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)\n\n - An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)\n\n - Multiple user-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566) \n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2015-5129, CVE-2015-5541)\n\n - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133) \n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)\n\n - An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)", "published": "2015-08-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85328", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:37:31"}, {"id": "FREEBSD_PKG_F3778328D2884B3986A465877331EAF7.NASL", "type": "nessus", "title": "FreeBSD : Adobe Flash Player -- critical vulnerabilities (f3778328-d288-4b39-86a4-65877331eaf7)", "description": "Adobe reports :\n\nAdobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.\n\nThese updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562).\n\nThese updates include further hardening to a mitigation introduced in version 18.0.0.209 to defend against vector length corruptions (CVE-2015-5125).\n\nThese updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5124, CVE-2015-5564).\n\nThese updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-5129, CVE-2015-5541).\n\nThese updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133).\n\nThese updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553).\n\nThese updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-5560).", "published": "2015-08-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85370", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:34:15"}, {"id": "FLASH_PLAYER_APSB15-19.NASL", "type": "nessus", "title": "Adobe Flash Player <= 18.0.0.209 Multiple Vulnerabilities (APSB15-19)", "description": "The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 18.0.0.209. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)\n\n - An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)\n\n - Multiple user-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566) \n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2015-5129, CVE-2015-5541)\n\n - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133) \n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)\n\n - An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)", "published": "2015-08-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85326", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:42:22"}, {"id": "REDHAT-RHSA-2015-1603.NASL", "type": "nessus", "title": "RHEL 5 / 6 : flash-plugin (RHSA-2015:1603)", "description": "An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player.\nThese vulnerabilities are detailed in the Adobe Security Bulletin APSB15-19 listed in the References section.\n\nMultiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5550, CVE-2015-5551, CVE-2015-5552, CVE-2015-5553, CVE-2015-5554, CVE-2015-5555, CVE-2015-5556, CVE-2015-5557, CVE-2015-5558, CVE-2015-5559, CVE-2015-5560, CVE-2015-5561, CVE-2015-5562, CVE-2015-5563, CVE-2015-5564)\n\nAll users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.508.", "published": "2015-08-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85372", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546"], "lastseen": "2017-10-29T13:42:35"}, {"id": "MACOSX_ADOBE_AIR_APSB15-19.NASL", "type": "nessus", "title": "Adobe AIR for Mac <= 18.0.0.180 Multiple Vulnerabilities (APSB15-16)", "description": "According to its version, the installation of Adobe AIR on the remote Mac OS X host is equal or prior to 18.0.0.180. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)\n\n - An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)\n\n - Multiple user-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566) \n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2015-5129, CVE-2015-5541)\n\n - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133) \n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)\n\n - An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)", "published": "2015-08-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85327", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:39:20"}, {"id": "MACOSX_GOOGLE_CHROME_44_0_2403_155.NASL", "type": "nessus", "title": "Google Chrome < 44.0.2403.155 Multiple Vulnerabilities (Mac OS X)", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 44.0.2403.155. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)\n\n - An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)\n\n - Multiple user-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566)\n\n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2015-5129, CVE-2015-5541)\n\n - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133)\n\n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)\n\n - An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)", "published": "2015-08-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85568", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:36:59"}, {"id": "GOOGLE_CHROME_44_0_2403_155.NASL", "type": "nessus", "title": "Google Chrome < 44.0.2403.155 Multiple Vulnerabilities", "description": "The version of Google Chrome installed on the remote Windows host is prior to 44.0.2403.155. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)\n\n - An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)\n\n - Multiple user-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566)\n\n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2015-5129, CVE-2015-5541)\n\n - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133)\n\n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)\n\n - An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)", "published": "2015-08-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85567", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:35:21"}, {"id": "SMB_KB3087916.NASL", "type": "nessus", "title": "MS KB3087916: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer", "description": "The remote Windows host is missing KB3087916. It is, therefore, affected by multiple remote code execution vulnerabilities :\n\n - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)\n\n - An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)\n\n - Multiple user-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566) \n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2015-5129, CVE-2015-5541)\n\n - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133) \n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)\n\n - An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)", "published": "2015-08-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85329", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-10-29T13:39:57"}], "freebsd": [{"id": "F3778328-D288-4B39-86A4-65877331EAF7", "type": "freebsd", "title": "Adobe Flash Player -- critical vulnerabilities", "description": "\nAdobe reports:\n\nAdobe has released security updates for Adobe Flash Player.\n\t These updates address critical vulnerabilities that could\n\t potentially allow an attacker to take control of the affected\n\t system.\nThese updates resolve type confusion vulnerabilities that could\n\t lead to code execution (CVE-2015-5128, CVE-2015-5554,\n\t CVE-2015-5555, CVE-2015-5558, CVE-2015-5562).\nThese updates include further hardening to a mitigation\n\t introduced in version 18.0.0.209 to defend against vector\n\t length corruptions (CVE-2015-5125).\nThese updates resolve use-after-free vulnerabilities that could\n\t lead to code execution (CVE-2015-5550, CVE-2015-5551,\n\t CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134,\n\t CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559,\n\t CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5124,\n\t CVE-2015-5564).\nThese updates resolve heap buffer overflow vulnerabilities\n\t that could lead to code execution (CVE-2015-5129,\n\t CVE-2015-5541).\nThese updates resolve buffer overflow vulnerabilities that\n\t could lead to code execution (CVE-2015-5131, CVE-2015-5132,\n\t CVE-2015-5133).\nThese updates resolve memory corruption vulnerabilities that\n\t could lead to code execution (CVE-2015-5544, CVE-2015-5545,\n\t CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549,\n\t CVE-2015-5552, CVE-2015-5553).\nThese updates resolve an integer overflow vulnerability that\n\t could lead to code execution (CVE-2015-5560).\n\n", "published": "2015-08-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/f3778328-d288-4b39-86a4-65877331eaf7.html", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2016-09-26T17:24:16"}], "gentoo": [{"id": "GLSA-201508-01", "type": "gentoo", "title": "Adobe Flash Player: Multiple vulnerabilities", "description": "### Background\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Adobe Flash Player users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-plugins/adobe-flash-11.2.202.508\"", "published": "2015-08-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201508-01", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5965", "CVE-2015-5563", "CVE-2015-5123", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5122", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2016-09-06T19:46:24"}], "redhat": [{"id": "RHSA-2015:1603", "type": "redhat", "title": "(RHSA-2015:1603) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities are detailed in the Adobe Security Bulletin APSB15-19\nlisted in the References section.\n\nMultiple flaws were found in the way flash-plugin displayed certain SWF\ncontent. An attacker could use these flaws to create a specially crafted\nSWF file that would cause flash-plugin to crash or, potentially, execute\narbitrary code when the victim loaded a page containing the malicious SWF\ncontent. (CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130,\nCVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539,\nCVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545, CVE-2015-5546,\nCVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5550, CVE-2015-5551,\nCVE-2015-5552, CVE-2015-5553, CVE-2015-5554, CVE-2015-5555, CVE-2015-5556,\nCVE-2015-5557, CVE-2015-5558, CVE-2015-5559, CVE-2015-5560, CVE-2015-5561,\nCVE-2015-5562, CVE-2015-5563, CVE-2015-5564)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.508.\n", "published": "2015-08-12T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:1603", "cvelist": ["CVE-2015-5127", "CVE-2015-5128", "CVE-2015-5129", "CVE-2015-5130", "CVE-2015-5131", "CVE-2015-5132", "CVE-2015-5133", "CVE-2015-5134", "CVE-2015-5539", "CVE-2015-5540", "CVE-2015-5541", "CVE-2015-5544", "CVE-2015-5545", "CVE-2015-5546", "CVE-2015-5547", "CVE-2015-5548", "CVE-2015-5549", "CVE-2015-5550", "CVE-2015-5551", "CVE-2015-5552", "CVE-2015-5553", "CVE-2015-5554", "CVE-2015-5555", "CVE-2015-5556", "CVE-2015-5557", "CVE-2015-5558", "CVE-2015-5559", "CVE-2015-5560", "CVE-2015-5561", "CVE-2015-5562", "CVE-2015-5563", "CVE-2015-5564", "CVE-2015-5565", "CVE-2015-5566"], "lastseen": "2017-09-09T07:20:38"}], "openvas": [{"id": "OPENVAS:1361412562310805955", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities -01 Aug15 (Mac OS X)", "description": "This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.", "published": "2015-08-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805955", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-07-02T21:12:15"}, {"id": "OPENVAS:1361412562310805957", "type": "openvas", "title": "Adobe Air Multiple Vulnerabilities-01 Aug15 (Windows)", "description": "This host is installed with Adobe Air and\n is prone to multiple vulnerabilities.", "published": "2015-08-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805957", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-12-20T13:23:55"}, {"id": "OPENVAS:1361412562310805958", "type": "openvas", "title": "Adobe Air Multiple Vulnerabilities-01 Aug15 (Mac OS X)", "description": "This host is installed with Adobe Air and\n is prone to multiple vulnerabilities.", "published": "2015-08-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805958", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-07-17T10:52:36"}, {"id": "OPENVAS:1361412562310805954", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities -01 Aug15 (Windows)", "description": "This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.", "published": "2015-08-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805954", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-12-20T13:24:41"}, {"id": "OPENVAS:1361412562310805956", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities -01 Aug15 (Linux)", "description": "This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.", "published": "2015-08-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805956", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2017-07-14T10:51:47"}, {"id": "OPENVAS:1361412562310121404", "type": "openvas", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201508-01", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201508-01", "published": "2015-09-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121404", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5965", "CVE-2015-5563", "CVE-2015-5123", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5122", "CVE-2015-3107", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2018-04-09T11:26:19"}], "kaspersky": [{"id": "KLA10650", "type": "kaspersky", "title": "\r KLA10650Multiple vulnerabilities in Adobe products\t\t\t ", "description": "### *CVSS*:\n10.0\n\n### *Detect date*:\n08/11/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code.\n\n### *Affected products*:\nAdobe Flash Player for Windows and OS X versions earlier than 18.0.0.232 \nAdobe Flash Player ESR versions earlier than 18.0.0.232 \nAdobe Flash Player for Linux versions earlier than 11.2.202.508 \nAdobe flash player at Google Chrome for Linux and Chrome OS versions earlier than 18.0.0.233 \nAdobe AIR versions earlier than 18.0.0.199 \n \n\n\n### *Solution*:\nUpdate to the latest version \n[Get Flash Player](<https://get.adobe.com/flashplayer/>) \n[Get AIR](<https://get.adobe.com/air/>)\n\n### *Original advisories*:\n[Adobe Security bulletin](<https://helpx.adobe.com/security/products/flash-player/apsb15-19.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Flash Player PPAPI](<https://threats.kaspersky.com/en/product/Adobe-Flash-Player-PPAPI/>)\n\n### *CVE-IDS*:\n[CVE-2015-5566](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5566>) \n[CVE-2015-5133](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5133>) \n[CVE-2015-5132](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5132>) \n[CVE-2015-5131](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5131>) \n[CVE-2015-5130](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5130>) \n[CVE-2015-5129](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5129>) \n[CVE-2015-5127](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5127>) \n[CVE-2015-5125](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5125>) \n[CVE-2015-5134](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5134>) \n[CVE-2015-5539](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5539>) \n[CVE-2015-5540](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5540>) \n[CVE-2015-5541](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5541>) \n[CVE-2015-5544](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5544>) \n[CVE-2015-5545](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5545>) \n[CVE-2015-5546](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5546>) \n[CVE-2015-5547](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5547>) \n[CVE-2015-5548](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5548>) \n[CVE-2015-5549](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5549>) \n[CVE-2015-5550](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5550>) \n[CVE-2015-5551](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5551>) \n[CVE-2015-5552](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5552>) \n[CVE-2015-5553](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5553>) \n[CVE-2015-5554](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5554>) \n[CVE-2015-5555](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5555>) \n[CVE-2015-5556](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5556>) \n[CVE-2015-5557](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5557>) \n[CVE-2015-5558](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5558>) \n[CVE-2015-5559](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5559>) \n[CVE-2015-5560](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5560>) \n[CVE-2015-5561](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5561>) \n[CVE-2015-5562](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5562>) \n[CVE-2015-5563](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5563>) \n[CVE-2015-5564](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5564>) \n[CVE-2015-5565](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5565>) \n[CVE-2015-5124](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5124>)", "published": "2015-08-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10650", "cvelist": ["CVE-2015-5127", "CVE-2015-5553", "CVE-2015-5124", "CVE-2015-5539", "CVE-2015-5556", "CVE-2015-5130", "CVE-2015-5563", "CVE-2015-5565", "CVE-2015-5133", "CVE-2015-5557", "CVE-2015-5134", "CVE-2015-5561", "CVE-2015-5541", "CVE-2015-5551", "CVE-2015-5540", "CVE-2015-5564", "CVE-2015-5555", "CVE-2015-5554", "CVE-2015-5549", "CVE-2015-5544", "CVE-2015-5131", "CVE-2015-5562", "CVE-2015-5558", "CVE-2015-5547", "CVE-2015-5552", "CVE-2015-5545", "CVE-2015-5560", "CVE-2015-5566", "CVE-2015-5550", "CVE-2015-5132", "CVE-2015-5548", "CVE-2015-5559", "CVE-2015-5129", "CVE-2015-5546", "CVE-2015-5125"], "lastseen": "2018-03-30T14:11:41"}]}}