Type Confusion in Adobe Flash Player and Adobe AIR Allows Arbitrary Code Execution
CVE-2015-0305

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air Sdk And Compiler
Vendor: CVE Published:; 13 January 2015

Summary

The vulnerability allows attackers to exploit a type confusion issue in Adobe Flash Player and Adobe AIR, potentially leading to arbitrary code execution. This affects various versions across multiple operating systems, including Windows, OS X, and Linux. The flaw can be harnessed by malicious actors to execute unauthorized commands on a compromised system, posing a significant security risk to users and organizations relying on these applications.

References

http://secunia.com/advisories/62371

third-party-advisoryx_refsource_SECUNIA

http://security.gentoo.org/glsa/glsa-201502-02.xml

vendor-advisoryx_refsource_GENTOO

http://secunia.com/advisories/62740

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 13, 2015
Vulnerability Reserved
Dec 1, 2014