Use-After-Free Vulnerability in Adobe Flash Player by Adobe
CVE-2015-8066

Currently unrated

Key Information:

Vendor: Adobe
Status: Air Sdk; Air Sdk \& Compiler
Vendor: CVE Published:; 10 December 2015

Summary

A use-after-free vulnerability exists in Adobe Flash Player that can allow an attacker to execute arbitrary code. This affects various versions of the Flash Player across Windows, OS X, and Linux platforms, as well as Adobe AIR. The flaw is exploitable through unspecified vectors, highlighting the need for users to maintain updated versions of the software to mitigate potential risks.

References

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

https://helpx.adobe.com/security/products/flash-player/ap...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/78715

vdb-entryx_refsource_BID

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 10, 2015
Vulnerability Reserved
Nov 2, 2015