Description
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
References (12)
Core 12
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/77063
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-2024.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1893.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201511-02
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-005234.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033797
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/flash-player/apsb15-25.html
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN22533124/index.html
Scores
EPSS
0.0431
EPSS Percentile
90.0%
Details
CWE
CWE-200
Status
published
Products (4)
adobe/air
< 19.0.0.190
adobe/air_sdk
< 19.0.0.190
adobe/air_sdk_\&_compiler
< 19.0.0.190
adobe/flash_player
< 19.0.0.185
Published
Oct 15, 2015
Tracked Since
Feb 18, 2026