Adobe Flash MPEG-4 cross-border read Remote Code Execution Vulnerability (CVE-2015-8657)
Adobe Flash MPEG-4 cross-border read Remote Code Execution Vulnerability (CVE-2015-8657)
Release date:
Updated on:
Affected Systems:
Adobe Flash Player <= 19.0.0.245
Adobe Flash Player <= 18.0.0.261
Adobe Flash Player <= 11.2.202.548
Description:
CVE (CAN) ID: CVE-2015-8657
Flash Player is a multimedia program player.
Adobe Flash has a vulnerability in MPEG-4 resolution that allows the affected application to read memory outside of allocated objects. Attackers can exploit this vulnerability to execute arbitrary code in the context of the current process.
<* Source: AbdulAziz harsiri
Link: https://helpx.adobe.com/security/products/flash-player/apsb15-32.html
*>
Suggestion:
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (apsb15-32) and patches for this:
Apsb15-32: Security updates available for Adobe Flash Player
Link: https://helpx.adobe.com/security/products/flash-player/apsb15-32.html
This article permanently updates the link address: