Use-After-Free Vulnerability in Adobe Flash Player and AIR Products
CVE-2015-3107

Currently unrated

Key Information:

Vendor: Adobe
Status: Air; Android
Vendor: CVE Published:; 10 June 2015

Summary

A use-after-free vulnerability exists in Adobe Flash Player and Adobe AIR that can enable an attacker to execute arbitrary code on affected systems. This flaw impacts various editions of Flash Player and AIR across multiple platforms, including Windows, OS X, and Linux. Attackers may exploit this vulnerability through unspecified vectors, potentially compromising user security and integrity.

References

https://helpx.adobe.com/security/products/flash-player/ap...

x_refsource_CONFIRM

https://www.exploit-db.com/exploits/37850/

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/75087

vdb-entryx_refsource_BID

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 10, 2015
Vulnerability Reserved
Apr 9, 2015