Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3121, CVE-2015-3122, and CVE-2015-4433.
oryginał ENAV:N/AC:L/Au:N/C:C/I:C/A:CAdobe Air
APPAdobe≤ 18.0.0.144Adobe Air Sdk
APPAdobe≤ 18.0.0.144Adobe Air Sdk \& Compiler
APPAdobe≤ 18.0.0.144Adobe Flash Player
APPAdobe14.0.0.12514.0.0.14514.0.0.17614.0.0.17915.0.0.15215.0.0.16715.0.0.18915.0.0.22315.0.0.23915.0.0.24616.0.0.23516.0.0.25716.0.0.28716.0.0.29617.0.0.134+ 7 więcejApple Mac Os X
OSApplewszystkie wersjeLinux Kernel
OSLinuxwszystkie wersjeMicrosoft Windows
OSMicrosoftwszystkie wersje
Powiązane podatności
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
Path Traversal w Kingsoft WPS Office — ładowanie dowolnej biblioteki Windows
PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit