CVE-2015-8651
published 2015-12-28CVE-2015-8651: Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-06-15
Exploited in the wild
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | air | < 20.0.0.233 | 20.0.0.233 |
| adobe | air_sdk | < 20.0.0.233 | 20.0.0.233 |
| adobe | air_sdk_compiler | < 20.0.0.233 | 20.0.0.233 |
| adobe | flash_player | < 11.2.202.559 | 11.2.202.559 |
| adobe | flash_player | < 18.0.0.324 | 18.0.0.324 |
| adobe | flash_player | >= 19.0.0.185 < 20.0.0.267 | 20.0.0.267 |
| hp | insight_control | < 7.6 | 7.6 |
| hp | insight_control_server_provisioning | < 7.6 | 7.6 |
| hp | matrix_operating_environment | — | — |
| hp | system_management_homepage | < 7.6 | 7.6 |
| hp | systems_insight_manager | < 7.6 | 7.6 |
| hp | version_control_repository_manager | < 7.6 | 7.6 |
| opensuse | evergreen | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_workstation_extension | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vulncheck8.8HIGH
cisa8.8HIGH