CVE-2015-8645

Sažetak

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636.

Reference

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html
http://rhn.redhat.com/errata/RHSA-2015-2697.html
http://www.securityfocus.com/bid/79700
http://www.securitytracker.com/id/1034544
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
https://security.gentoo.org/glsa/201601-03

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-02-2017 - 02:59

Objavljeno

28-12-2015 - 23:59