Lucene search

K
cve[email protected]CVE-2015-8445
HistoryDec 10, 2015 - 6:00 a.m.

CVE-2015-8445

2015-12-1006:00:08
CWE-189
web.nvd.nist.gov
43
cve-2015-8445
integer overflow
adobe flash player
security vulnerability
execution of arbitrary code

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

AI Score

Confidence

High

0.056 Low

EPSS

Percentile

93.3%

Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a large BitmapData source object.

Affected configurations

NVD
Node
adobeair_sdkRange19.0.0.241
OR
adobeair_sdk_\&_compilerRange19.0.0.241
AND
appleiphone_os
OR
applemac_os_x
OR
googleandroid
OR
microsoftwindows
Node
adobeflash_playerRange11.2.202.548
AND
linuxlinux_kernel
Node
adobeairRange19.0.0.241
AND
applemac_os_x
OR
microsoftwindows
Node
adobeflash_playerRange18.0.0.261
OR
adobeflash_playerMatch19.0.0.185
OR
adobeflash_playerMatch19.0.0.207
OR
adobeflash_playerMatch19.0.0.226
OR
adobeflash_playerMatch19.0.0.245
AND
applemac_os_x
OR
microsoftwindows

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

AI Score

Confidence

High

0.056 Low

EPSS

Percentile

93.3%