Adobe Flash Player and AIR Vulnerability Allows Code Execution
CVE-2015-8047

Currently unrated

Key Information:

Vendor: Adobe
Status: Air Sdk; Air Sdk \& Compiler
Vendor: CVE Published:; 10 December 2015

What is CVE-2015-8047?

A vulnerability in Adobe Flash Player and Adobe AIR allows attackers to exploit memory corruption issues, potentially leading to arbitrary code execution or denial of service. This issue affects various versions of Flash Player on Windows and OS X, as well as specific versions of AIR and its SDKs. Attackers can leverage unspecified vectors to perform these exploits, emphasizing the importance of promptly applying security patches.

References

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

https://helpx.adobe.com/security/products/flash-player/ap...

x_refsource_CONFIRM

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2015
Vulnerability Reserved
Nov 2, 2015