CVE-2015-8439

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.268 Adobe Flash Player versions 19.x Adobe Flash Player versions 20.x prior to 20.0.0.228 Adobe AIR versions prior to 20.0.0.204 Adobe AIR SDK versions prior to 20.0.0.204 Adobe AIR SDK & Compiler versions prior to 20.0.0.204 Adobe Flash Player version 11.2.202.554 and earlier on Linux

Description The issue is related to errors in the code of the SharedObject object implementation in Adobe Flash Player and Adobe Integrated Runtime. It allows a remote attacker to execute arbitrary code by exploiting an unspecified "type confusion" during a getRemote call.

Recommendations For Adobe Flash Player versions prior to 18.0.0.268, update to version 18.0.0.268 or later. For Adobe Flash Player versions 19.x, update to a version outside of the 19.x range. For Adobe Flash Player versions 20.x prior to 20.0.0.228, update to version 20.0.0.228 or later. For Adobe AIR versions prior to 20.0.0.204, update to version 20.0.0.204 or later. For Adobe AIR SDK versions prior to 20.0.0.204, update to version 20.0.0.204 or later. For Adobe AIR SDK & Compiler versions prior to 20.0.0.204, update to version 20.0.0.204 or later. For Adobe Flash Player version 11.2.202.554 and earlier on Linux, update to a version later than 11.2.202.554.