CVE-2015-5574
Adobe Flash Player <18.0.0.241, 19.x <19.0.0.185 - RCE
Title source: llmDescription
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/39652
References (14)
Scores
EPSS
0.7101
EPSS Percentile
98.7%
Details
Status
published
Products (28)
adobe/air
< 18.0.0.143
adobe/air_sdk
< 18.0.0.199
adobe/air_sdk_\&_compiler
< 18.0.0.180
adobe/flash_player
14.0.0.125
adobe/flash_player
14.0.0.145
adobe/flash_player
14.0.0.176
adobe/flash_player
14.0.0.179
adobe/flash_player
15.0.0.152
adobe/flash_player
15.0.0.167
adobe/flash_player
15.0.0.189
... and 18 more
Published
Sep 22, 2015
Tracked Since
Feb 18, 2026