Lucene search

K
cve[email protected]CVE-2015-8456
HistoryDec 10, 2015 - 6:00 a.m.

CVE-2015-8456

2015-12-1006:00:22
web.nvd.nist.gov
26
cve
2015
8456
adobe flash player
windows
os x
linux
adobe air
arbitrary code
type confusion
nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.9 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.4%

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-8439.

Affected configurations

NVD
Node
adobeflash_playerRange18.0.0.261
OR
adobeflash_playerMatch19.0.0.185
OR
adobeflash_playerMatch19.0.0.207
OR
adobeflash_playerMatch19.0.0.226
OR
adobeflash_playerMatch19.0.0.245
AND
applemac_os_x
OR
microsoftwindows
Node
adobeflash_playerRange11.2.202.548
AND
linuxlinux_kernel
Node
adobeairRange19.0.0.241
AND
applemac_os_x
OR
microsoftwindows
Node
adobeair_sdkRange19.0.0.241
OR
adobeair_sdk_\&_compilerRange19.0.0.241
AND
appleiphone_os
OR
applemac_os_x
OR
googleandroid
OR
microsoftwindows

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.9 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.4%