KLA10626Code execution vulnerability in Adobe Flash Player

2015-07-14T00:00:00
ID KLA10626
Type kaspersky
Reporter Kaspersky Lab
Modified 2018-12-04T00:00:00

Description

CVSS:

10.0

Detect date:

07/14/2015

Severity:

Critical

Description:

Use-after-free and memory corruption vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via an unknown vectors.

Affected products:

Adobe Flash Player vesions earlier than 18.0.0.209
Adobe Flash Player Extended Support Release versions earlier than 13.0.0.305

Solution:

Update to the latest version
Get Flash Player

Original advisories:

Adobe advisory

Impacts:

ACE

Related products:

Adobe Flash Player ActiveX

CVE-IDS:

CVE-2015-5122
CVE-2015-5123