CVE-2015-3084

Name of the Vulnerable Software and Affected Versions Adobe AIR (affected versions not specified) Adobe Flash Player (affected versions not specified) Adobe AIR SDK (affected versions not specified) Adobe AIR SDK & Compiler (affected versions not specified)

Description The issue is caused by accessing a resource through incompatible types, which can allow a remote attacker to execute arbitrary code by manipulating data types. This can be achieved through a "type confusion" technique.

Recommendations For Adobe AIR, consider restricting access to resources that can be manipulated through incompatible types until a patch is available. For Adobe Flash Player, avoid using data types that can be confused or manipulated by an attacker until the issue is resolved. For Adobe AIR SDK and Adobe AIR SDK & Compiler, as a temporary workaround, consider disabling the functionality that allows access to resources through incompatible types until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.