Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAdobe Flash Player
APPAdobe< 11.2.202.46814.0.0.125 – 18.0.0.194 (bez)< 13.0.0.296Apple Mac Os X
OSApplewszystkie wersjeHP Insight Orchestration
APPHp< 7.5.0HP System Management Homepage
APPHp< 7.5.0HP Systems Insight Manager
APPHp< 7.5HP Version Control Agent
APPHp< 7.5.0HP Version Control Repository Manager
APPHp7.6< 7.5.0HP Virtual Connect Enterprise Manager
APPHp< 7.5.0Linux Kernel
OSLinuxwszystkie wersjeMicrosoft Windows
OSMicrosoftwszystkie wersjeOpensuse Evergreen
OSOpensuse11.4Opensuse
OSOpensuse13.113.2Red Hat Enterprise Linux Desktop
OSRedhat6.0Red Hat Enterprise Linux Eus
OSRedhat6.6Red Hat Enterprise Linux Server
OSRedhat6.0Red Hat Enterprise Linux Workstation
OSRedhat6.0SUSE Linux Enterprise Desktop
OSSuse12SUSE Linux Enterprise Workstation Extension
OSSuse12
CISA KEV — detailsi
- Vendori
- Adobe ↗
- Producti
- Flash Player
- Added to KEVi
- April 13, 2022
- Remediation deadline (US Federal)i
- May 4, 2022(overdue)
The impacted product is end-of-life and should be disconnected if still in use.
Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.
Related vulnerabilities
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
Path Traversal w Kingsoft WPS Office — ładowanie dowolnej biblioteki Windows