Adobe AIR < 19.0.0.213 Multiple Vulnerabilities (APSB15-25)

Versions of Adobe AIR prior to 19.0.0.213 are outdated and thus unpatched for the following vulnerabilities :

• An unspecified vulnerability exists related to the defense-in-depth feature in the Flash Broker API. No other details are available. (CVE-2015-5569)
• Multiple unspecified memory corruption issues exist due to improper validation of user-supplied input. A remote attacker can exploit this to execute arbitrary code. (CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, CVE-2015-7634)
• A unspecified vulnerability exists that can be exploited by a remote attacker to bypass the same-origin policy, allowing the disclosure of sensitive information. (CVE-2015-7628)
• Multiple unspecified use-after-free errors exist that can be exploited by a remote attacker to dereference already freed memory, potentially allowing the execution of arbitrary code. (CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7637, CVE-2015-7638, CVE-2015-7639, CVE-2015-7640, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, CVE-2015-7644)
• An unspecified buffer overflow condition exists due to improper validation of user-supplied input. An attacker can exploit this to execute arbitrary code. (CVE-2015-7632)