Lucene search

K
cve[email protected]CVE-2015-7643
HistoryOct 15, 2015 - 12:00 a.m.

CVE-2015-7643

2015-10-1500:00:11
web.nvd.nist.gov
46
cve-2015-7643
adobe flash player
use-after-free vulnerability
arbitrary code execution
security vulnerability
adobe air

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.032 Low

EPSS

Percentile

91.2%

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Video object with a crafted deblocking property, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7644.

Affected configurations

NVD
Node
adobeflash_playerRange19.0.0.185
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-
Node
adobeairRange19.0.0.190
AND
googleandroid
Node
adobeflash_playerRange11.2.202.521
AND
linuxlinux_kernelMatch-
Node
adobeairRange19.0.0.190
OR
adobeair_sdkRange19.0.0.190
OR
adobeair_sdk_\&_compilerRange19.0.0.190
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.032 Low

EPSS

Percentile

91.2%