Multiple Remote Code Execution Vulnerabilities in Adobe Flash Player/AIR

Multiple Remote Code Execution Vulnerabilities in Adobe Flash Player/AIR
Multiple Remote Code Execution Vulnerabilities in Adobe Flash Player/AIR

Release date:
Updated on:

Affected Systems:

Adobe Flash Player < 13.0.0.292
Adobe Flash Player < 11.2.202.466
Adobe Flash Player 14.x - 18.x
Adobe AIR < 18.0.0.144
Adobe AIR < 18.0.0.143

Description:

Bugtraq id: 75087
CVE (CAN) ID: CVE-2015-3103, CVE-2015-3106, CVE-2015-3107

Adobe Flash Player is an integrated multimedia Player. Adobe AIR is a technology developed based on the combination of network and desktop applications. It can control cloud programs on the network without having to use a browser.

Adobe Flash Player and AIR versions have remote code execution vulnerabilities. Remote attackers exploit these vulnerabilities to execute arbitrary code in the current application context.

<* Source: Wen Guanxing
Natalie Silvanovich

Link: https://helpx.adobe.com/security/products/flash-player/apsb15-11.html
*>

Suggestion:

Vendor patch:

Adobe
-----
Adobe has released a Security Bulletin (apsb15-11) and patches for this:
Apsb15-11: Security updates available for Adobe Flash Player
Link: https://helpx.adobe.com/security/products/flash-player/apsb15-11.html

This article permanently updates the link address: