PT-2015-2144 · Adobe+3 · Flash Player+6

Published

2015-09-21

Updated

2017-02-17

CVE-2015-5573

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.241 Adobe Flash Player versions 19.x prior to 19.0.0.185 Adobe AIR versions prior to 19.0.0.190 Adobe AIR SDK versions prior to 19.0.0.190 Adobe AIR SDK & Compiler versions prior to 19.0.0.190

Description The issue is related to type confusion errors in the software, which can be exploited by a remote attacker to execute arbitrary code.

Recommendations For Adobe Flash Player versions prior to 18.0.0.241, update to version 18.0.0.241 or later. For Adobe Flash Player versions 19.x prior to 19.0.0.185, update to version 19.0.0.185 or later. For Adobe AIR versions prior to 19.0.0.190, update to version 19.0.0.190 or later. For Adobe AIR SDK versions prior to 19.0.0.190, update to version 19.0.0.190 or later. For Adobe AIR SDK & Compiler versions prior to 19.0.0.190, update to version 19.0.0.190 or later.

Fix

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843

Related Identifiers

ALT-PU-2015-1803

BDU:2015-11490

CVE-2015-5573

MGASA-2015-0379

OPENSUSE-SU-2015_1616-1

RHSA-2015:1814

RHSA-2015_1814

SUSE-SU-2015:1614-1

SUSE-SU-2015:1618-1

Affected Products

Alt Linux

Air

Air Sdk

Air Sdk & Compiler

Flash Player

Red Hat

Suse

PT-2015-2144 · Adobe+3 · Flash Player+6

CVE-2015-5573

Weakness Enumeration

Related Identifiers

Affected Products

References · 145