CVE-2015-7628

Adobe Flash Player <18.0.0.252-11.2.202.535 - SSRF

Title source: llm
STIX 2.1

Description

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.

References (12)

Core 12
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/77063
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-2024.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1893.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201511-02
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-005234.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033797
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN22533124/index.html

Scores

EPSS 0.0431
EPSS Percentile 90.0%

Details

CWE
CWE-200
Status published
Products (4)
adobe/air < 19.0.0.190
adobe/air_sdk < 19.0.0.190
adobe/air_sdk_\&_compiler < 19.0.0.190
adobe/flash_player < 19.0.0.185
Published Oct 15, 2015
Tracked Since Feb 18, 2026