← Back

CVE-2015-3099

nvd nist
Published: Jun 10, 2015Modified: May 6, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3102.

Affected (24)

Adobe
4 products
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Google
1 product
Android
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Air
Up to 17.0.0.172
Air Sdk
Up to 17.0.0.172
Air Sdk & Compiler
Up to 17.0.0.172
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Flash Player
Up to 11.2.202.460
Running on/withPlatform Versions
Linux
Linux Kernel
All versions
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Air
Up to 17.0.0.144
Android
All versions
Configuration D
18 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Adobe
Flash Player
Up to 13.0.0.289
Flash Player
Version 14.0.0.125
Flash Player
Version 14.0.0.145
Flash Player
Version 14.0.0.176
Flash Player
Version 14.0.0.179
Flash Player
Version 15.0.0.152
Flash Player
Version 15.0.0.167
Flash Player
Version 15.0.0.189
Flash Player
Version 15.0.0.223
Flash Player
Version 15.0.0.239
Flash Player
Version 15.0.0.246
Flash Player
Version 16.0.0.235
Flash Player
Version 16.0.0.257
Flash Player
Version 16.0.0.287
Flash Player
Version 16.0.0.296
Flash Player
Version 17.0.0.134
Flash Player
Version 17.0.0.169
Flash Player
Version 17.0.0.188
Running on/withPlatform Versions
Apple
Mac Os X
All versions
Microsoft
Windows
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (16)

Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
PatchVendor Advisory
Source: psirt@adobe.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.