Lucene search

K

Kaspersky LabKLA10690

HistoryNov 10, 2015 - 12:00 a.m.

KLA10690 Multiple vulnerabilities in Adobe products

2015-11-1000:00:00

Kaspersky Lab

threats.kaspersky.com

24

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.035 Low

EPSS

Percentile

91.5%

Detect date:

11/10/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code.

Affected products:

Adobe Flash Player versions earlier than 19.0.0.245
Adobe Flash Player Extended Support Release versions earlier than 18.0.0.261
Adobe Flash Player for Linux versions earlier than 11.2.202.548
Adobe AIR versions earlier than 19.0.0.241

Solution:

Update to the latest version
Get Flash Player
Get AIR

Original advisories:

Impacts:

ACE

Related products:

Adobe Flash Player ActiveX

CVE-IDS:

CVE-2015-76569.3Critical
CVE-2015-76559.3Critical
CVE-2015-76529.3Critical
CVE-2015-76619.3Critical
CVE-2015-76627.8Critical
CVE-2015-76599.3Critical
CVE-2015-76519.3Critical
CVE-2015-76549.3Critical
CVE-2015-76539.3Critical
CVE-2015-76579.3Critical
CVE-2015-80429.3Critical
CVE-2015-76609.3Critical
CVE-2015-76589.3Critical

Exploitation:

Public exploits exist for this vulnerability.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7651

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7652

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7653

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7654

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7655

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7656

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7657

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7658

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7659

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7660

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7661

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7662

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8042

get.adobe.com/air/

get.adobe.com/flashplayer/

helpx.adobe.com/security/products/flash-player/apsb15-28.html

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/class/Exploit/

threats.kaspersky.com/en/product/Adobe-AIR/

threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/

threats.kaspersky.com/en/product/Adobe-Flash-Player-NPAPI/

threats.kaspersky.com/en/product/Adobe-Flash-Player-PPAPI/

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.035 Low

EPSS

Percentile

91.5%

Related for KLA10690

kaspersky1 nessus17 redhat2 mageia1 openvas7 altlinux2 freebsd1 archlinux1 prion17 cve17 ubuntucve17 checkpoint_advisories8 gentoo1 zdi12 zdt1