Use-After-Free Vulnerability in Adobe Flash Player and Adobe AIR
CVE-2015-8067

Currently unrated

Key Information:

Vendor: Adobe
Status: Air
Vendor: CVE Published:; 10 December 2015

What is CVE-2015-8067?

This vulnerability is a use-after-free issue affecting various versions of Adobe Flash Player and Adobe AIR, which allows attackers to exploit the flaw to execute arbitrary code on the target system. The vulnerability arises from improper handling of memory, leading to a scenario where previously freed memory can be accessed and exploited. This vulnerability affects multiple platforms, including Windows, OS X, and Linux. Users of these affected products are strongly advised to update to the latest versions to mitigate the risk of attack.

References

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

https://helpx.adobe.com/security/products/flash-player/ap...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/78715

vdb-entryx_refsource_BID

EPSS Score

17% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2015
Vulnerability Reserved
Nov 2, 2015