Lucene search

K
cve[email protected]CVE-2015-8449
HistoryDec 10, 2015 - 6:00 a.m.

CVE-2015-8449

2015-12-1006:00:13
web.nvd.nist.gov
45
cve-2015-8449
use-after-free vulnerability
adobe
flash player
arbitrary code execution
lineto method call

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9 High

AI Score

Confidence

High

0.909 High

EPSS

Percentile

98.9%

Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted lineTo method call, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.

Affected configurations

NVD
Node
adobeairRange19.0.0.241
AND
applemac_os_x
OR
microsoftwindows
Node
adobeflash_playerRange18.0.0.261
OR
adobeflash_playerMatch19.0.0.185
OR
adobeflash_playerMatch19.0.0.207
OR
adobeflash_playerMatch19.0.0.226
OR
adobeflash_playerMatch19.0.0.245
AND
applemac_os_x
OR
microsoftwindows
Node
adobeflash_playerRange11.2.202.548
AND
linuxlinux_kernel
Node
adobeair_sdkRange19.0.0.241
OR
adobeair_sdk_\&_compilerRange19.0.0.241
AND
appleiphone_os
OR
applemac_os_x
OR
googleandroid
OR
microsoftwindows
CPENameOperatorVersion
adobe:airadobe airle19.0.0.241

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9 High

AI Score

Confidence

High

0.909 High

EPSS

Percentile

98.9%

Related for CVE-2015-8449