CVE-2019-8075

EUVD-2019-17533
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
Affected Products (NVD)
VendorProductVersion
adobeflash_player_desktop_runtime
𝑥
≤ 32.0.0.207
adobeflash_player
𝑥
≤ 32.0.0.207
adobeflash_player
𝑥
≤ 32.0.0.207
adobeflash_player
𝑥
≤ 32.0.0.207
googlechrome
𝑥
< 87.0.4280.66
googlechrome
𝑥
< 87.0.4280.67
debiandebian_linux
10.0
𝑥
= Vulnerable software versions
References
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html
https://crbug.com/945997
https://helpx.adobe.com/security/products/flash-player/apsb19-30.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/
https://www.debian.org/security/2021/dsa-4824
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html
https://crbug.com/945997
https://helpx.adobe.com/security/products/flash-player/apsb19-30.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/
https://www.debian.org/security/2021/dsa-4824