CVE-2015-3084
published 2015-05-13CVE-2015-3084: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172…
critical10CVSS 3.1
AVNACLAuNCCICAC
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3077 and CVE-2015-3086.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | air | <= 17.0.0.144 | — |
| adobe | air_sdk | <= 17.0.0.144 | — |
| adobe | air_sdk_compiler | <= 17.0.0.144 | — |
| adobe | flash_player | <= 13.0.0.264 | — |
| adobe | flash_player | <= 11.2.202.475 | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL