Lucene search

K
cve[email protected]CVE-2015-8456
HistoryDec 10, 2015 - 6:00 a.m.

CVE-2015-8456

2015-12-1006:00:22
web.nvd.nist.gov
26
cve
2015
8456
adobe flash player
windows
os x
linux
adobe air
arbitrary code
type confusion
nvd

8.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.4%

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-8439.

Affected configurations

NVD
Node
adobeflash_playerRange18.0.0.261
OR
adobeflash_playerMatch19.0.0.185
OR
adobeflash_playerMatch19.0.0.207
OR
adobeflash_playerMatch19.0.0.226
OR
adobeflash_playerMatch19.0.0.245
AND
applemac_os_x
OR
microsoftwindows
Node
adobeflash_playerRange11.2.202.548
AND
linuxlinux_kernel
Node
adobeairRange19.0.0.241
AND
applemac_os_x
OR
microsoftwindows
Node
adobeair_sdkRange19.0.0.241
OR
adobeair_sdk_\&_compilerRange19.0.0.241
AND
appleiphone_os
OR
applemac_os_x
OR
googleandroid
OR
microsoftwindows

8.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.4%