Use-After-Free Vulnerability in Adobe Flash Player and AIR by Adobe
CVE-2015-8064

Currently unrated

Key Information:

Vendor: Adobe
Status: Air Sdk; Air Sdk \& Compiler
Vendor: CVE Published:; 10 December 2015

Summary

This vulnerability entails a use-after-free condition in Adobe Flash Player and Adobe AIR, enabling attackers to exploit the flaw to execute arbitrary code through unspecified methods. This security risk affects various versions of Flash Player and AIR across multiple operating systems, including Windows, OS X, and Linux. Users are strongly advised to update their products to the latest versions to mitigate potential exploits.

References

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

https://helpx.adobe.com/security/products/flash-player/ap...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/78715

vdb-entryx_refsource_BID

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 10, 2015
Vulnerability Reserved
Nov 2, 2015