Multiple heap buffer overflow vulnerabilities in Adobe Flash Player/AIR (APSB15-19)
Adobe FlashPlayer/AIR Multiple Heap Buffer Overflow Vulnerabilities (APSB15-19)
Release date:
Updated on:
Affected Systems:
Adobe Flash Player <= 18.0.0.209
Adobe Flash Player <= 13.0.0.309
Adobe Flash Player <= 11.2.202.491
Description:
Bugtraq id: 76282
CVE (CAN) ID: CVE-2015-5129, CVE-2015-5541
Flash Player is a high-performance, lightweight, and expressive client runtime Player.
Adobe Flash Player and AIR have a heap buffer overflow vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of the affected application.
<* Source: Kai Lu
Link: https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
*>
Suggestion:
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (APSB15-19) and patches for this:
APSB15-19: Security updates available for Adobe Flash Player
Link: https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
Patch download: http://www.adobe.com/go/getflash
This article permanently updates the link address: