CVE-2015-7647
published 2015-10-18CVE-2015-7647: Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code…
PriorityP267critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
29.53%
98.0th percentile
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | <= 11.2.202.535 | — |
| adobe | flash_player | <= 19.0.0.207 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for SWF files where IExternalizable.readExternal is overridden with a non-function value — this is the trigger condition for the type confusion leading to memory corruption. ↗
- →Inspect SWF files (especially decompressed via flasm -x) for the string 'readExternal' in bytecode — PoC required manual patching of 'teadExternal' to 'readExternal' to trigger the vulnerability. ↗
- →Flag Adobe Flash Player versions below 18.0.0.255, 19.x below 19.0.0.226 (Windows/OS X), and below 11.2.202.540 (Linux) as vulnerable to this type confusion code execution. ↗
- ·The PoC SWF does not compile directly from the provided ActionScript source — the working exploit requires decompressing the SWF with flasm and manually patching the bytecode string. ↗
- ·CVE-2015-7647 is a distinct type confusion vulnerability from CVE-2015-7648, though both are fixed in the same Adobe bulletin APSB15-27 and share the same vulnerable version ranges. ↗
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_redhat10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
flash-plugin: multiple code execution issue fixed in APSB15-27
vendor_redhat·2015-10-14·CVSS 10.0
CVE-2015-7647 [CRITICAL] flash-plugin: multiple code execution issue fixed in APSB15-27
flash-plugin: multiple code execution issue fixed in APSB15-27
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
Red Hat
flash-plugin: multiple code execution issue fixed in APSB15-27
vendor_redhat·2015-10-14·CVSS 10.0
CVE-2015-7648 [CRITICAL] flash-plugin: multiple code execution issue fixed in APSB15-27
flash-plugin: multiple code execution issue fixed in APSB15-27
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647.
GHSA
GHSA-5778-gw8x-3m7f: Adobe Flash Player before 18
ghsa_unreviewed·2022-05-17·CVSS 10.0
CVE-2015-7647 [CRITICAL] GHSA-5778-gw8x-3m7f: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
GHSA
GHSA-xj2j-8x6x-4m9r: Adobe Flash Player before 18
ghsa_unreviewed·2022-05-17·CVSS 10.0
CVE-2015-7648 [CRITICAL] GHSA-xj2j-8x6x-4m9r: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647.
OSV
CVE-2015-7648: Adobe Flash Player before 18
osv·2015-10-18·CVSS 10.0
CVE-2015-7648 [CRITICAL] CVE-2015-7648: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647.
OSV
CVE-2015-7647: Adobe Flash Player before 18
osv·2015-10-18·CVSS 10.0
CVE-2015-7647 [CRITICAL] CVE-2015-7647: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
No detection rules found.
http://rhn.redhat.com/errata/RHSA-2015-1913.htmlhttp://rhn.redhat.com/errata/RHSA-2015-2024.htmlhttp://www.securityfocus.com/bid/77115http://www.securitytracker.com/id/1033850https://helpx.adobe.com/security/products/flash-player/apsb15-27.htmlhttps://security.gentoo.org/glsa/201511-02https://www.exploit-db.com/exploits/38969/http://rhn.redhat.com/errata/RHSA-2015-1913.htmlhttp://rhn.redhat.com/errata/RHSA-2015-2024.htmlhttp://www.securityfocus.com/bid/77115http://www.securitytracker.com/id/1033850https://helpx.adobe.com/security/products/flash-player/apsb15-27.htmlhttps://security.gentoo.org/glsa/201511-02https://www.exploit-db.com/exploits/38969/
2015-10-18
Published