CVE-2015-8042
11.11.2015, 13:00
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted loadSound call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.Enginsight
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | 𝑥 ≤ 18.0.0.255 |
| adobe | flash_player | 19.0.0.185 |
| adobe | flash_player | 19.0.0.207 |
| adobe | flash_player | 19.0.0.226 |
| adobe | air | 𝑥 ≤ 19.0.0.190 |
| adobe | air_sdk | 𝑥 ≤ 19.0.0.213 |
| adobe | air_sdk_\&_compiler | 𝑥 ≤ 19.0.0.213 |
| adobe | flash_player | 𝑥 ≤ 11.2.202.540 |
| adobe | air | 𝑥 ≤ 19.0.0.213 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| adobe-flashplugin |
| ||||||||
| flashplugin-nonfree |
|
References