Adobe Flash Player and AIR type obfuscation Remote Code Execution Vulnerability (APSB15-19)

Adobe Flash Player and AIR type obfuscation Remote Code Execution Vulnerability (APSB15-19)
Adobe Flash Player and AIR type obfuscation Remote Code Execution Vulnerability (APSB15-19)

Release date:
Updated on:

Affected Systems:

Adobe Flash Player <= 18.0.0.209
Adobe Flash Player <= 13.0.0.309
Adobe Flash Player <= 11.2.202.491
Adobe AIR <= 18.0.0.180

Description:

Bugtraq id: 76287
CVE (CAN) ID: CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562

Flash Player is a high-performance, lightweight, and expressive client runtime player. Adobe AIR is a technology developed based on the combination of network and desktop applications. It can control cloud programs on the network without having to use a browser.

Adobe Flash Player and AIR have type obfuscation vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary code in the context of the affected application.

<* Source: Bilou
Natalie Silvanovich

Link: https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
*>

Suggestion:

Vendor patch:

Adobe
-----
Adobe has released a Security Bulletin (APSB15-19) and patches for this:
APSB15-19: Security updates available for Adobe Flash Player
Link: https://helpx.adobe.com/security/products/flash-player/apsb15-19.html

This article permanently updates the link address: