Adobe Flash Player and AIR Security Restriction Bypass Vulnerability (CVE-2015-7662)
Adobe Flash Player and AIR Security Restriction Bypass Vulnerability (CVE-2015-7662)
Release date:
Updated on:
Affected Systems:
Adobe Flash Player <11.2.202.548
Adobe Flash Player <18.0.0.261
Adobe Flash Player 19.x-19.0.0.245
Adobe AIR <19.0.0.241
Description:
Bugtraq id: 77535
CVE (CAN) ID: CVE-2015-7662
Flash Player is a high-performance, lightweight, and expressive client runtime player. Adobe AIR is a technology developed based on the combination of network and desktop applications. It can control cloud programs on the network without having to use a browser.
Adobe Flash Player versions earlier than 18.0.0.261, 19. x-19.0.0.245, 11.2.202.548, AIR versions earlier than 19.0.0.241 have security vulnerabilities, remote attackers can exploit this vulnerability to bypass target access restrictions, write operations on file processes.
<* Source: Jordan Rabet
*>
Suggestion:
Vendor patch:
Adobe
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://get.adobe.com/flashplayer/
Https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
This article permanently updates the link address: