9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
10/14/2015
Critical
Multiple type confusion vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed SWF file or other unknown vectors.
Adobe Flash Player versions earlier than 19.0.0.226
Adobe Flash Player Extended Support Release versions earlier than 18.0.0.255
Adobe Flash Player for Linux versions earlier than 11.2.202.540
Update to the latest version
Get Flash Player
ACE
Public exploits exist for this vulnerability.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7645
get.adobe.com/flashplayer/
helpx.adobe.com/security/products/flash-player/apsa15-05.html
helpx.adobe.com/security/products/flash-player/apsb15-27.html
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/
threats.kaspersky.com/en/product/Adobe-Flash-Player-NPAPI/
threats.kaspersky.com/en/product/Adobe-Flash-Player-PPAPI/