CVE-2015-3079: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172…

medium5CVSS 3.1

AVNACLAuNCPINAN

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

Affected

21 ranges

Vendor	Product	Version range	Fixed in
adobe	air	<= 17.0.0.144	—
adobe	air_sdk	<= 17.0.0.144	—
adobe	air_sdk_compiler	<= 17.0.0.144	—
adobe	flash_player	<= 13.0.0.264	—
adobe	flash_player	<= 11.2.202.475	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—
adobe	flash_player	—	—

CVSS provenance

nvd5.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N

osv5.0MEDIUM