Tenable8848.PRMAdobe AIR < 18.0.0.199 Multiple Vulnerabilities (APSB15-19)
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.1 High
AI Score
Confidence
High
0.949 High
EPSS
Percentile
99.3%
Versions of Adobe AIR prior to 18.0.0.199 are outdated and thus unpatched for the following vulnerabilities :
- Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562)
- An unspecified vulnerability exists related to vector length corruptions. (CVE-2015-5125)
- Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5564, CVE-2015-5565, CVE-2015-5566)
- Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5129, CVE-2015-5541)
- Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133)
- Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553)
- An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-5560)
Binary data 8848.prmReferences
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5125
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5129
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5131
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5132
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5133
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5134
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5540
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5541
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5544
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5545
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5546
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5549
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5550
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5551
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5552
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5553
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5554
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5555
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5556
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5557
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5558
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5560
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5561
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5562
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5563
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5564
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5565
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5566
www.nessus.org/u?0cb17c10
helpx.adobe.com/security/products/flash-player/apsb15-19.html
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.1 High
AI Score
Confidence
High
0.949 High
EPSS
Percentile
99.3%