Details of VAR-201512-0217

ID

VAR-201512-0217

CVE

CVE-2015-8645

TITLE

Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-006543

DESCRIPTION

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636. This vulnerability CVE-2015-8459 , CVE-2015-8460 ,and CVE-2015-8636 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.235 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.268 and earlier versions, AIR Desktop Runtime 20.0.0.204 and earlier versions; Windows-based , Macintosh, Linux and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.228 and previous versions; Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.228 and previous versions; Windows 8.0 and 8.1-based platforms Adobe Flash Player for Internet Explorer 10 and 11 20.0.0.228 and previous versions; Adobe Flash Player for Linux 11.2.202.554 and previous versions based on Linux platforms; AIR SDK 20.0.0.204 and previous versions based on Windows, Macintosh, Android and iOS platforms , AIR SDK & Compiler 20.0.0. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:2697-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-2697.html Issue date: 2015-12-29 CVE Names: CVE-2015-8459 CVE-2015-8460 CVE-2015-8634 CVE-2015-8635 CVE-2015-8636 CVE-2015-8638 CVE-2015-8639 CVE-2015-8640 CVE-2015-8641 CVE-2015-8642 CVE-2015-8643 CVE-2015-8644 CVE-2015-8645 CVE-2015-8646 CVE-2015-8647 CVE-2015-8648 CVE-2015-8649 CVE-2015-8650 CVE-2015-8651 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-01 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.559. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1294580 - flash-plugin: multiple code execution issues fixed in APSB16-01 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.559-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.559-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.559-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.559-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.559-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.559-1.el6_7.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.559-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.559-1.el6_7.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.559-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.559-1.el6_7.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8459 https://access.redhat.com/security/cve/CVE-2015-8460 https://access.redhat.com/security/cve/CVE-2015-8634 https://access.redhat.com/security/cve/CVE-2015-8635 https://access.redhat.com/security/cve/CVE-2015-8636 https://access.redhat.com/security/cve/CVE-2015-8638 https://access.redhat.com/security/cve/CVE-2015-8639 https://access.redhat.com/security/cve/CVE-2015-8640 https://access.redhat.com/security/cve/CVE-2015-8641 https://access.redhat.com/security/cve/CVE-2015-8642 https://access.redhat.com/security/cve/CVE-2015-8643 https://access.redhat.com/security/cve/CVE-2015-8644 https://access.redhat.com/security/cve/CVE-2015-8645 https://access.redhat.com/security/cve/CVE-2015-8646 https://access.redhat.com/security/cve/CVE-2015-8647 https://access.redhat.com/security/cve/CVE-2015-8648 https://access.redhat.com/security/cve/CVE-2015-8649 https://access.redhat.com/security/cve/CVE-2015-8650 https://access.redhat.com/security/cve/CVE-2015-8651 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-01.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWgnSsXlSAg2UNWIIRAppGAJ9mRCwQ3gpOgegJva9BnnZvPVV7OACgqRuU xm8a97tVCxdqrTr2yuTCblQ= =AUkv -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.559" References ========== [ 1 ] CVE-2015-8045 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8045 [ 2 ] CVE-2015-8047 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8047 [ 3 ] CVE-2015-8048 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8048 [ 4 ] CVE-2015-8049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8049 [ 5 ] CVE-2015-8050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8050 [ 6 ] CVE-2015-8055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8055 [ 7 ] CVE-2015-8056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8056 [ 8 ] CVE-2015-8057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8057 [ 9 ] CVE-2015-8058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8058 [ 10 ] CVE-2015-8059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8059 [ 11 ] CVE-2015-8060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8060 [ 12 ] CVE-2015-8061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8061 [ 13 ] CVE-2015-8062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8062 [ 14 ] CVE-2015-8063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8063 [ 15 ] CVE-2015-8064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8064 [ 16 ] CVE-2015-8065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8065 [ 17 ] CVE-2015-8066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8066 [ 18 ] CVE-2015-8067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8067 [ 19 ] CVE-2015-8068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8068 [ 20 ] CVE-2015-8069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8069 [ 21 ] CVE-2015-8070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8070 [ 22 ] CVE-2015-8071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8071 [ 23 ] CVE-2015-8401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8401 [ 24 ] CVE-2015-8402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8402 [ 25 ] CVE-2015-8403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8403 [ 26 ] CVE-2015-8404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8404 [ 27 ] CVE-2015-8405 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8405 [ 28 ] CVE-2015-8406 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8406 [ 29 ] CVE-2015-8407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8407 [ 30 ] CVE-2015-8408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8408 [ 31 ] CVE-2015-8409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8409 [ 32 ] CVE-2015-8410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8410 [ 33 ] CVE-2015-8411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8411 [ 34 ] CVE-2015-8412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8412 [ 35 ] CVE-2015-8413 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8413 [ 36 ] CVE-2015-8414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8414 [ 37 ] CVE-2015-8415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8415 [ 38 ] CVE-2015-8416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8416 [ 39 ] CVE-2015-8417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8417 [ 40 ] CVE-2015-8418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8418 [ 41 ] CVE-2015-8419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8419 [ 42 ] CVE-2015-8420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8420 [ 43 ] CVE-2015-8421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8421 [ 44 ] CVE-2015-8422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8422 [ 45 ] CVE-2015-8423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8423 [ 46 ] CVE-2015-8424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8424 [ 47 ] CVE-2015-8425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8425 [ 48 ] CVE-2015-8426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8426 [ 49 ] CVE-2015-8427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8427 [ 50 ] CVE-2015-8428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8428 [ 51 ] CVE-2015-8429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8429 [ 52 ] CVE-2015-8430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8430 [ 53 ] CVE-2015-8431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8431 [ 54 ] CVE-2015-8432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8432 [ 55 ] CVE-2015-8433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8433 [ 56 ] CVE-2015-8434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8434 [ 57 ] CVE-2015-8435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8435 [ 58 ] CVE-2015-8436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8436 [ 59 ] CVE-2015-8437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8437 [ 60 ] CVE-2015-8438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8438 [ 61 ] CVE-2015-8439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8439 [ 62 ] CVE-2015-8440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8440 [ 63 ] CVE-2015-8441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8441 [ 64 ] CVE-2015-8442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8442 [ 65 ] CVE-2015-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8443 [ 66 ] CVE-2015-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8443 [ 67 ] CVE-2015-8445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8445 [ 68 ] CVE-2015-8446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8446 [ 69 ] CVE-2015-8447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8447 [ 70 ] CVE-2015-8448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8448 [ 71 ] CVE-2015-8449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8449 [ 72 ] CVE-2015-8450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8450 [ 73 ] CVE-2015-8451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8451 [ 74 ] CVE-2015-8452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8452 [ 75 ] CVE-2015-8453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8453 [ 76 ] CVE-2015-8454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8454 [ 77 ] CVE-2015-8455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8455 [ 78 ] CVE-2015-8459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8459 [ 79 ] CVE-2015-8460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8460 [ 80 ] CVE-2015-8635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8635 [ 81 ] CVE-2015-8636 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8636 [ 82 ] CVE-2015-8638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8638 [ 83 ] CVE-2015-8639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8639 [ 84 ] CVE-2015-8640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8640 [ 85 ] CVE-2015-8641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8641 [ 86 ] CVE-2015-8642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8642 [ 87 ] CVE-2015-8643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8643 [ 88 ] CVE-2015-8644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8644 [ 89 ] CVE-2015-8645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8645 [ 90 ] CVE-2015-8646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8646 [ 91 ] CVE-2015-8647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8647 [ 92 ] CVE-2015-8648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8648 [ 93 ] CVE-2015-8649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8649 [ 94 ] CVE-2015-8650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8650 [ 95 ] CVE-2015-8651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8651 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201601-03 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.25

sources: NVD: CVE-2015-8645 // JVNDB: JVNDB-2015-006543 // BID: 79700 // VULHUB: VHN-86606 // VULMON: CVE-2015-8645 // PACKETSTORM: 135082 // PACKETSTORM: 135411

AFFECTED PRODUCTS

vendor:	adobe	model:	flash player	scope:	eq	version:	20.0.0.235	Trust: 1.6
vendor:	adobe	model:	flash player	scope:	eq	version:	20.0.0.228	Trust: 1.6
vendor:	adobe	model:	flash player	scope:	eq	version:	19.0.0.226	Trust: 1.6
vendor:	adobe	model:	flash player	scope:	eq	version:	19.0.0.207	Trust: 1.6
vendor:	adobe	model:	flash player	scope:	eq	version:	19.0.0.185	Trust: 1.6
vendor:	adobe	model:	flash player	scope:	eq	version:	19.0.0.245	Trust: 1.6
vendor:	adobe	model:	air	scope:	lte	version:	20.0.0.204	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	11.2.202.554	Trust: 1.0
vendor:	adobe	model:	air sdk \& compiler	scope:	lte	version:	20.0.0.204	Trust: 1.0
vendor:	adobe	model:	air sdk	scope:	lte	version:	20.0.0.204	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	18.0.0.268	Trust: 1.0
vendor:	google	model:	chrome	scope:	-	version:	-	Trust: 0.8
vendor:	adobe	model:	air	scope:	lt	version:	20.0.0.233 (android)	Trust: 0.8
vendor:	adobe	model:	air	scope:	lt	version:	desktop runtime 20.0.0.233 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	air sdk	scope:	lt	version:	20.0.0.233 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	air sdk & compiler	scope:	lt	version:	20.0.0.233 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	11.2.202.559 (linux)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	20.0.0.267 (windows 10 edition microsoft edge/internet explorer 11)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	20.0.0.267 (windows 8.0 and 8.1 edition internet explorer 10/11)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	20.0.0.267 (windows/macintosh/linux/chromeos edition chrome)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	desktop runtime 20.0.0.267 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	continuous support release 18.0.0.324 (windows/macintosh)	Trust: 0.8
vendor:	microsoft	model:	edge	scope:	eq	version:	(windows 10)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	10 (windows 8/windows server 2012/windows rt)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)	Trust: 0.8
vendor:	adobe	model:	air	scope:	eq	version:	20.0.0.204	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	18.0.0.268	Trust: 0.6
vendor:	adobe	model:	air sdk	scope:	eq	version:	20.0.0.204	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.554	Trust: 0.6
vendor:	red	model:	hat enterprise linux workstation supplementary	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux supplementary server	scope:	eq	version:	5	Trust: 0.3
vendor:	red	model:	hat enterprise linux server supplementary	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop supplementary	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop supplementary client	scope:	eq	version:	5	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.53.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.51.66	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.452	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.3218	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.22.87	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.15.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.36	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.35	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.2460	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.152.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.151.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.124.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.48.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.47.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.45.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.31.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.289.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.283.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.280	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.28.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.277.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.260.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.246.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.159.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.155.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.115.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.35.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.34.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.73.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.70.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.69.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.68.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.67.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.66.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.61.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.60.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.53.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.24.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.19.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.14.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.79	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.21.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.235	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.233	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.229	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.223	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.112.61	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.63	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.62	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.55	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.0.1.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.4	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.26	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.14	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.159.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.157.51	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.156.12	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.28	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.27	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.24	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.13	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.153.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.33	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.32	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.85.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.82.76	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.15	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.14.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.106.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.105.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.65	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.42.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.32.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9130	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2080	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2070	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.1.0.4880	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.0	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1.1961	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19140	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2.12610	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.01	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.0	Trust: 0.3

sources: BID: 79700 // JVNDB: JVNDB-2015-006543 // CNNVD: CNNVD-201512-622 // NVD: CVE-2015-8645

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-8645
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-8645
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201512-622
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-86606
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-8645
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-8645
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-86606
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-8645
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-86606 // VULMON: CVE-2015-8645 // JVNDB: JVNDB-2015-006543 // CNNVD: CNNVD-201512-622 // NVD: CVE-2015-8645

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-86606 // JVNDB: JVNDB-2015-006543 // NVD: CVE-2015-8645

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 135411 // CNNVD: CNNVD-201512-622

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201512-622

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-006543

PATCH

title:	APSB16-01	url:	http://helpx.adobe.com/security/products/flash-player/apsb16-01.html	Trust: 0.8
title:	APSB16-01	url:	http://helpx.adobe.com/jp/security/products/flash-player/apsb16-01.html	Trust: 0.8
title:	Google Chrome を更新する	url:	https://support.google.com/chrome/answer/95414?hl=ja	Trust: 0.8
title:	Google Chrome	url:	https://www.google.com/intl/ja/chrome/browser/features.html	Trust: 0.8
title:	Chrome Releases	url:	http://googlechromereleases.blogspot.jp/	Trust: 0.8
title:	Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)	url:	https://technet.microsoft.com/en-us/library/security/2755801	Trust: 0.8
title:	Internet Explorer および Microsoft Edge 上の Adobe Flash Player の脆弱性に対応する更新プログラム (2755801)	url:	https://technet.microsoft.com/ja-jp/library/security/2755801	Trust: 0.8
title:	アドビシステムズ社 Adobe Flash Player の脆弱性に関するお知らせ	url:	http://www.fmworld.net/biz/common/adobe/20160104f.html	Trust: 0.8
title:	Multiple Adobe Product Buffer Overflow Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59373	Trust: 0.6
title:	Red Hat: CVE-2015-8645	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-8645	Trust: 0.1
title:	Red Hat: Critical: flash-plugin security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20152697 - Security Advisory	Trust: 0.1
title:	CVE-Study	url:	https://github.com/thdusdl1219/CVE-Study	Trust: 0.1

sources: VULMON: CVE-2015-8645 // JVNDB: JVNDB-2015-006543 // CNNVD: CNNVD-201512-622

EXTERNAL IDS

db:	NVD	id:	CVE-2015-8645	Trust: 3.1
db:	BID	id:	79700	Trust: 1.5
db:	SECTRACK	id:	1034544	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-006543	Trust: 0.8
db:	CNNVD	id:	CNNVD-201512-622	Trust: 0.7
db:	VULHUB	id:	VHN-86606	Trust: 0.1
db:	VULMON	id:	CVE-2015-8645	Trust: 0.1
db:	PACKETSTORM	id:	135082	Trust: 0.1
db:	PACKETSTORM	id:	135411	Trust: 0.1

sources: VULHUB: VHN-86606 // VULMON: CVE-2015-8645 // BID: 79700 // JVNDB: JVNDB-2015-006543 // PACKETSTORM: 135082 // PACKETSTORM: 135411 // CNNVD: CNNVD-201512-622 // NVD: CVE-2015-8645

REFERENCES

url:	https://helpx.adobe.com/security/products/flash-player/apsb16-01.html	Trust: 2.2
url:	https://security.gentoo.org/glsa/201601-03	Trust: 1.3
url:	http://rhn.redhat.com/errata/rhsa-2015-2697.html	Trust: 1.3
url:	http://www.securityfocus.com/bid/79700	Trust: 1.2
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05356388	Trust: 1.2
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05385680	Trust: 1.2
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722	Trust: 1.2
url:	http://www.securitytracker.com/id/1034544	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8645	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20160104-adobeflashplayer.html	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2016/at160001.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8645	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/topics/?seq=17414	Trust: 0.8
url:	https://www.adobe.com/software/flash/about/	Trust: 0.3
url:	http://www.adobe.com	Trust: 0.3
url:	http://technet.microsoft.com/en-us/security/advisory/2755801	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=43192	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8651	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8459	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8650	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8640	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#critical	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8634	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8648	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8634	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8638	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8459	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8644	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8643	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8639	Trust: 0.1
url:	https://access.redhat.com/security/team/contact/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8645	Trust: 0.1
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8648	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8649	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8639	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8641	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8646	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8460	Trust: 0.1
url:	https://bugzilla.redhat.com/):	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8647	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8636	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8651	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8647	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8646	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8640	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8644	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8641	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8460	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8636	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8650	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8635	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8642	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8635	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8645	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8649	Trust: 0.1
url:	https://access.redhat.com/security/team/key/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8643	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8638	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8642	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8451	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8402	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8071	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8407	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8445	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8410	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8649	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8062	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8056	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8455	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8437	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8460	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8436	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8448	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8066	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8403	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8404	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8643	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8430	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8060	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8452	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8071	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8636	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8048	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8414	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8446	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8062	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8049	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8405	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8440	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8402	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8424	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8638	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8059	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8068	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8648	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8421	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8454	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8405	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8064	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8047	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8061	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8408	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8432	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8442	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8642	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8057	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8048	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8404	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8067	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8453	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8411	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8415	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8060	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8450	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8459	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8441	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8413	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8063	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8063	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8401	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8061	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8403	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8045	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8423	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8417	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8644	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8047	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8438	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8646	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8651	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8049	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8422	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8447	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8065	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8647	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8639	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8050	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8068	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8409	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8069	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8418	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8449	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8066	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8428	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8420	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8429	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8439	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8065	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8067	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8069	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8406	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8055	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8427	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8433	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8050	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8416	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8070	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8419	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8064	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8650	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8426	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8055	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8059	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8431	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8058	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8412	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8645	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8434	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8057	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8401	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8056	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8406	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8070	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8058	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8045	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8435	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8425	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1

CREDITS

Kai Kang of Tencent's Xuanwu LAB, Jie Zeng of Qihoo 360, Ben Hawkes, and Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero

Trust: 0.3

sources: BID: 79700

SOURCES

db:	VULHUB	id:	VHN-86606
db:	VULMON	id:	CVE-2015-8645
db:	BID	id:	79700
db:	JVNDB	id:	JVNDB-2015-006543
db:	PACKETSTORM	id:	135082
db:	PACKETSTORM	id:	135411
db:	CNNVD	id:	CNNVD-201512-622
db:	NVD	id:	CVE-2015-8645

LAST UPDATE DATE

2024-11-23T21:41:12.155000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-86606	date:	2017-02-17T00:00:00
db:	VULMON	id:	CVE-2015-8645	date:	2017-02-17T00:00:00
db:	BID	id:	79700	date:	2016-02-11T07:44:00
db:	JVNDB	id:	JVNDB-2015-006543	date:	2016-01-04T00:00:00
db:	CNNVD	id:	CNNVD-201512-622	date:	2015-12-31T00:00:00
db:	NVD	id:	CVE-2015-8645	date:	2024-11-21T02:38:52.987

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-86606	date:	2015-12-28T00:00:00
db:	VULMON	id:	CVE-2015-8645	date:	2015-12-28T00:00:00
db:	BID	id:	79700	date:	2015-12-28T00:00:00
db:	JVNDB	id:	JVNDB-2015-006543	date:	2016-01-04T00:00:00
db:	PACKETSTORM	id:	135082	date:	2015-12-29T16:45:21
db:	PACKETSTORM	id:	135411	date:	2016-01-27T17:28:38
db:	CNNVD	id:	CNNVD-201512-622	date:	2015-12-29T00:00:00
db:	NVD	id:	CVE-2015-8645	date:	2015-12-28T23:59:13.300