← Back

CVE-2015-8651

nvd nist
Published: Dec 28, 2015Modified: Apr 22, 2026CISA KEV

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.

Affected (27)

Show all products
Adobe: Air Sdk, Air Sdk & Compiler, Flash Player, Air · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation · Opensuse: Evergreen, Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Workstation Extension · Hp: Insight Control, Insight Control Server Provisioning, Matrix Operating Environment, System Management Homepage, Systems Insight Manager, Version Control Repository Manager
Adobe
4 products
Air Sdk
Air Sdk & Compiler
Flash Player
Air
Redhat
3 products
Enterprise Linux Desktop
Enterprise Linux Server
Enterprise Linux Workstation
Opensuse
2 products
Evergreen
Opensuse
Suse
2 products
Linux Enterprise Desktop
Linux Enterprise Workstation Extension
Hp
6 products
Insight Control
Insight Control Server Provisioning
Matrix Operating Environment
System Management Homepage
Systems Insight Manager
Version Control Repository Manager
Configuration A
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Air Sdk
Before 20.0.0.233
Air Sdk & Compiler
Before 20.0.0.233
Running on/withPlatform Versions
Apple
Iphone Os
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Flash Player
Before 11.2.202.559
Running on/withPlatform Versions
Linux
Linux Kernel
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Air
Before 20.0.0.233
Running on/withPlatform Versions
Google
Android
All versions
Configuration D
2 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Adobe
Flash Player
Before 18.0.0.324
Flash Player
From 19.0.0.185 to 20.0.0.267
Running on/withPlatform Versions
Apple
Mac Os X
All versions
Microsoft
Windows
All versions
Configuration E
6 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux Desktop
Version 5.0
Enterprise Linux Desktop
Version 6.0
Redhat
Enterprise Linux Server
Version 5.0
Enterprise Linux Server
Version 6.0
Redhat
Enterprise Linux Workstation
Version 5.0
Enterprise Linux Workstation
Version 6.0
Configuration F
9 vulnerable
Vulnerable SoftwareAffected Versions
Evergreen
Version 11.4
Opensuse
Opensuse
Version 13.1
Opensuse
Version 13.2
Suse
Linux Enterprise Desktop
Version 11 sp3
Linux Enterprise Desktop
Version 11 sp4
Linux Enterprise Desktop
Version 12
Linux Enterprise Desktop
Version 12 sp1
Suse
Linux Enterprise Workstation Extension
Version 12
Linux Enterprise Workstation Extension
Version 12 sp1
Configuration G
6 vulnerable
Vulnerable SoftwareAffected Versions
Insight Control
Before 7.6
Insight Control Server Provisioning
Before 7.6
Matrix Operating Environment
Version 7.6
System Management Homepage
Before 7.6
Systems Insight Manager
Before 7.6
Version Control Repository Manager
Before 7.6

Related CWEs

CWE-190
Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (25)

Source: psirt@adobe.com
Mailing ListThird Party Advisory
Source: psirt@adobe.com
Mailing ListThird Party Advisory
Source: psirt@adobe.com
Mailing ListThird Party Advisory
Source: psirt@adobe.com
Mailing ListThird Party Advisory
Source: psirt@adobe.com
Third Party Advisory
Source: psirt@adobe.com
Broken LinkThird Party AdvisoryVDB Entry
Source: psirt@adobe.com
Broken LinkThird Party AdvisoryVDB Entry
Source: psirt@adobe.com
Third Party Advisory
Source: psirt@adobe.com
Third Party Advisory
Source: psirt@adobe.com
Third Party Advisory
Source: psirt@adobe.com
Not ApplicablePatchVendor Advisory
Source: psirt@adobe.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not ApplicablePatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.