Lucene search

[email protected]CVE-2015-8415

HistoryDec 10, 2015 - 5:59 a.m.

CVE-2015-8415

2015-12-1005:59:37

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-8415

buffer overflow

adobe flash player

security vulnerability

nvd

arbitrary code execution

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.9 High

AI Score

Confidence

High

0.111 Low

EPSS

Percentile

95.2%

JSON

Buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

adobeflash_playerRange≤18.0.0.261

adobeflash_playerMatch19.0.0.185

adobeflash_playerMatch19.0.0.207

adobeflash_playerMatch19.0.0.226

adobeflash_playerMatch19.0.0.245

AND

applemac_os_x

microsoftwindows

Node

adobeairRange≤19.0.0.241

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange≤11.2.202.548

AND

linuxlinux_kernel

Node

adobeair_sdkRange≤19.0.0.241

adobeair_sdk_\&_compilerRange≤19.0.0.241

AND

appleiphone_os

applemac_os_x

googleandroid

microsoftwindows

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle18.0.0.261
adobe:flash_playeradobe flash playereq19.0.0.185
adobe:flash_playeradobe flash playereq19.0.0.207
adobe:flash_playeradobe flash playereq19.0.0.226
adobe:flash_playeradobe flash playereq19.0.0.245

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	18.0.0.261
adobe:flash_player	adobe flash player	eq	19.0.0.185
adobe:flash_player	adobe flash player	eq	19.0.0.207
adobe:flash_player	adobe flash player	eq	19.0.0.226
adobe:flash_player	adobe flash player	eq	19.0.0.245