CVE-2015-5131

Adobe Flash Player < 18.0.0.232 - Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-5131. PoCs published by Google Security Research.

AI-analyzed exploit summary The provided content describes an out-of-bounds read vulnerability in Adobe Flash Player, leading to an access violation. It includes crash analysis and memory dump details but lacks executable exploit code.

Description

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5132 and CVE-2015-5133.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/37856

View Code ZIP pw:eip

The provided content describes an out-of-bounds read vulnerability in Adobe Flash Player, leading to an access violation. It includes crash analysis and memory dump details but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Theoretical

Target: Adobe Flash Player (latest versions at the time of CVE-2015-5131)

No auth needed

Prerequisites: Victim must open a maliciously crafted file in Adobe Flash Player

devstral-2 · analyzed Feb 16, 2026 Full analysis →