Adobe Flash Player and AIR Security Restriction Bypass Vulnerability (CVE-2015-7662)

Adobe Flash Player and AIR Security Restriction Bypass Vulnerability (CVE-2015-7662)
Adobe Flash Player and AIR Security Restriction Bypass Vulnerability (CVE-2015-7662)

Release date:
Updated on:

Affected Systems:

Adobe Flash Player <11.2.202.548
Adobe Flash Player <18.0.0.261
Adobe Flash Player 19.x-19.0.0.245
Adobe AIR <19.0.0.241

Description:

Bugtraq id: 77535
CVE (CAN) ID: CVE-2015-7662

Flash Player is a high-performance, lightweight, and expressive client runtime player. Adobe AIR is a technology developed based on the combination of network and desktop applications. It can control cloud programs on the network without having to use a browser.

Adobe Flash Player versions earlier than 18.0.0.261, 19. x-19.0.0.245, 11.2.202.548, AIR versions earlier than 19.0.0.241 have security vulnerabilities, remote attackers can exploit this vulnerability to bypass target access restrictions, write operations on file processes.

<* Source: Jordan Rabet
*>

Suggestion:

Vendor patch:

Adobe
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://get.adobe.com/flashplayer/

Https://helpx.adobe.com/security/products/flash-player/apsb15-28.html

This article permanently updates the link address: