Use-After-Free Vulnerability in Adobe Flash Player and Adobe AIR Products
CVE-2015-7639

Currently unrated

Key Information:

Vendor: Adobe
Status: Air; Air Sdk; Air Sdk \& Compiler
Vendor: CVE Published:; 18 October 2015

What is CVE-2015-7639?

A use-after-free vulnerability in Adobe Flash Player and Adobe AIR products allows attackers to execute arbitrary code by exploiting memory management flaws. This vulnerability affects specific versions of both products across multiple operating systems, including Windows, OS X, and Linux. Attackers can leverage this weakness through various unspecified vectors, leading to potential system compromise.

References

http://rhn.redhat.com/errata/RHSA-2015-2024.html

vendor-advisoryx_refsource_REDHAT

http://www.securityfocus.com/bid/77061

vdb-entryx_refsource_BID

http://rhn.redhat.com/errata/RHSA-2015-1893.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

9% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 18, 2015
Vulnerability Reserved
Oct 1, 2015