Lucene search

K
nvd[email protected]NVD:CVE-2015-8654
HistoryMar 04, 2016 - 11:59 p.m.

CVE-2015-8654

2016-03-0423:59:03
CWE-787
web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.062

Percentile

93.6%

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.

Affected configurations

NVD
Node
adobeflash_playerRange11.2.202.548
AND
linuxlinux_kernelMatch-
Node
adobeflash_player_desktop_runtimeRange19.0.0.245
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-
Node
adobeflash_playerRange18.0.0.261esr
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-
Node
microsoftwindows_10Match-
OR
microsoftwindows_8Match-
OR
microsoftwindows_8.1Match-
AND
adobeflash_playerRange19.0.0.245internet_explorer
Node
adobeflash_playerRange19.0.0.245chrome
AND
applemac_os_xMatch-
OR
googlechrome_osMatch-
OR
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
Node
microsoftwindows_10Match-
AND
adobeflash_playerRange19.0.0.245edge
Node
adobeair_desktop_runtimeRange19.0.0.241
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-
Node
adobeair_sdkRange19.0.0.241
AND
appleiphone_osMatch-
OR
applemac_os_xMatch-
OR
googleandroidMatch-
OR
microsoftwindowsMatch-
Node
adobeair_sdk_\&_compilerRange19.0.0.241
AND
appleiphone_osMatch-
OR
applemac_os_xMatch-
OR
googleandroidMatch-
OR
microsoftwindowsMatch-
Node
adobeairRange19.0.0.241
AND
googleandroidMatch-

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.062

Percentile

93.6%