Details of VAR-201604-0200

ID

VAR-201604-0200

CVE

CVE-2015-8823

TITLE

Adobe Flash Player and Adobe AIR of TextField Vulnerability in arbitrary code execution in object implementation

Trust: 0.8

sources: JVNDB: JVNDB-2015-007107

DESCRIPTION

Adobe Flash Player and Adobe AIR of TextField Use of freed memory for object implementation (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2015-8048 , CVE-2015-8049 , CVE-2015-8050 , CVE-2015-8055 , CVE-2015-8056 , CVE-2015-8057 , CVE-2015-8058 , CVE-2015-8059 , CVE-2015-8061 , CVE-2015-8062 , CVE-2015-8063 , CVE-2015-8064 , CVE-2015-8065 , CVE-2015-8066 , CVE-2015-8067 , CVE-2015-8068 , CVE-2015-8069 , CVE-2015-8070 , CVE-2015-8071 , CVE-2015-8401 , CVE-2015-8402 , CVE-2015-8403 , CVE-2015-8404 , CVE-2015-8405 , CVE-2015-8406 , CVE-2015-8410 , CVE-2015-8411 , CVE-2015-8412 , CVE-2015-8413 , CVE-2015-8414 , CVE-2015-8420 , CVE-2015-8421 , CVE-2015-8422 , CVE-2015-8423 , CVE-2015-8424 , CVE-2015-8425 , CVE-2015-8426 , CVE-2015-8427 , CVE-2015-8428 , CVE-2015-8429 , CVE-2015-8430 , CVE-2015-8431 , CVE-2015-8432 , CVE-2015-8433 , CVE-2015-8434 , CVE-2015-8435 , CVE-2015-8436 , CVE-2015-8437 , CVE-2015-8441 , CVE-2015-8442 , CVE-2015-8447 , CVE-2015-8448 , CVE-2015-8449 , CVE-2015-8450 , CVE-2015-8452 , CVE-2015-8454 , CVE-2015-8653 , CVE-2015-8655 , CVE-2015-8821 ,and CVE-2015-8822 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers text Arbitrary code may be executed via the property. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the TextField object. By manipulating the text property of a TextField, an attacker can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier versions, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.245 and earlier versions based on Windows 10, Adobe Flash Player for Internet Explorer 10 and 11 19.0 based on Windows 8.0 and 8.1 platforms .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0

Trust: 1.71

sources: JVNDB: JVNDB-2015-007107 // ZDI: ZDI-15-665 // BID: 90890 // VULHUB: VHN-86784

AFFECTED PRODUCTS

vendor:	adobe	model:	air sdk	scope:	lte	version:	19.0.0.241	Trust: 1.0
vendor:	adobe	model:	air	scope:	lte	version:	19.0.0.241	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	19.0.0.245	Trust: 1.0
vendor:	adobe	model:	flash player desktop runtime	scope:	lte	version:	19.0.0.245	Trust: 1.0
vendor:	adobe	model:	air sdk \& compiler	scope:	lte	version:	19.0.0.241	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	11.2.202.548	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	18.0.0.261	Trust: 1.0
vendor:	google	model:	chrome	scope:	lt	version:	47.0.2526.80 (windows/macintosh/linux/chrome os)	Trust: 0.8
vendor:	adobe	model:	air	scope:	lt	version:	20.0.0.204 (android)	Trust: 0.8
vendor:	adobe	model:	air	scope:	lt	version:	desktop runtime 20.0.0.204 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	air sdk	scope:	lt	version:	20.0.0.204 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	air sdk & compiler	scope:	lt	version:	20.0.0.204 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	11.2.202.554 (linux)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	continuous support release 18.0.0.268 (windows/macintosh)	Trust: 0.8
vendor:	microsoft	model:	edge	scope:	eq	version:	(windows 10)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	10 (windows 8/windows server 2012/windows rt)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)	Trust: 0.8
vendor:	adobe	model:	flash	scope:	-	version:	-	Trust: 0.7
vendor:	adobe	model:	flash player	scope:	eq	version:	18.0.0.261	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.53.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.51.66	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.452	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.3218	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.22.87	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.15.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.36	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.35	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.2460	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.152.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.151.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.124.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.48.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.47.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.45.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.31.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.289.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.283.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.280	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.28.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.277.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.260.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.246.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.159.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.155.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.115.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.35.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.34.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.73.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.70.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.69.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.68.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.67.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.66.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.61.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.60.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.53.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.24.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.19.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.14.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.79	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.21.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.235	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.233	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.229	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.223	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.112.61	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.63	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.62	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.55	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.0.1.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.4	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.26	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.14	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.159.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.157.51	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.156.12	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.28	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.27	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.24	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.13	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.153.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.33	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.32	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.85.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.82.76	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.15	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.14.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.106.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.105.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.65	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.42.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.32.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9130	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2080	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2070	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.1.0.4880	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.0	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1.1961	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19140	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2.12610	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.01	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.0	Trust: 0.3

sources: ZDI: ZDI-15-665 // BID: 90890 // JVNDB: JVNDB-2015-007107 // CNNVD: CNNVD-201604-545 // NVD: CVE-2015-8823

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-8823
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-8823
value:	HIGH
Trust: 0.8
ZDI:	CVE-2015-8823
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201604-545
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-86784
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-8823
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-8823
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
ZDI:	CVE-2015-8823
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
VULHUB:	VHN-86784
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-8823
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2015-8823
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: ZDI: ZDI-15-665 // VULHUB: VHN-86784 // VULMON: CVE-2015-8823 // JVNDB: JVNDB-2015-007107 // CNNVD: CNNVD-201604-545 // NVD: CVE-2015-8823

PROBLEMTYPE DATA

problemtype:	CWE-416	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2015-007107 // NVD: CVE-2015-8823

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201604-545

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201604-545

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-007107

PATCH

title:	APSB15-32	url:	https://helpx.adobe.com/security/products/flash-player/apsb15-32.html	Trust: 1.5
title:	APSB15-32	url:	https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html	Trust: 0.8
title:	Stable Channel Update for Chrome OS	url:	http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html	Trust: 0.8
title:	Google Chrome	url:	https://www.google.com/intl/ja/chrome/browser/features.html	Trust: 0.8
title:	Stable Channel Update	url:	http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html	Trust: 0.8
title:	Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)	url:	https://technet.microsoft.com/en-us/library/security/2755801	Trust: 0.8
title:	Internet Explorer および Microsoft Edge 上の Adobe Flash Player の脆弱性に対応する更新プログラム (2755801)	url:	https://technet.microsoft.com/ja-jp/library/security/2755801	Trust: 0.8
title:	アドビシステムズ社 Adobe Flash Player の脆弱性に関するお知らせ	url:	http://www.fmworld.net/biz/common/adobe/20151210f.html	Trust: 0.8
title:	Multiple Adobe Remediation measures for reusing vulnerabilities after product release	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61229	Trust: 0.6
title:	Red Hat: CVE-2015-8823	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-8823	Trust: 0.1
title:	Red Hat: Critical: flash-plugin security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20152593 - Security Advisory	Trust: 0.1
title:	CVE-Study	url:	https://github.com/thdusdl1219/CVE-Study	Trust: 0.1

sources: ZDI: ZDI-15-665 // VULMON: CVE-2015-8823 // JVNDB: JVNDB-2015-007107 // CNNVD: CNNVD-201604-545

EXTERNAL IDS

db:	NVD	id:	CVE-2015-8823	Trust: 3.6
db:	ZDI	id:	ZDI-15-665	Trust: 2.5
db:	JVNDB	id:	JVNDB-2015-007107	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3357	Trust: 0.7
db:	CNNVD	id:	CNNVD-201604-545	Trust: 0.7
db:	BID	id:	90890	Trust: 0.4
db:	VULHUB	id:	VHN-86784	Trust: 0.1
db:	VULMON	id:	CVE-2015-8823	Trust: 0.1

sources: ZDI: ZDI-15-665 // VULHUB: VHN-86784 // VULMON: CVE-2015-8823 // BID: 90890 // JVNDB: JVNDB-2015-007107 // CNNVD: CNNVD-201604-545 // NVD: CVE-2015-8823

REFERENCES

url:	https://helpx.adobe.com/security/products/flash-player/apsb15-32.html	Trust: 2.5
url:	http://www.zerodayinitiative.com/advisories/zdi-15-665	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8823	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html	Trust: 0.8
url:	https://www.jpcert.or.jp/at/2015/at150042.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8823	Trust: 0.8
url:	https://www.npa.go.jp/cyberpolice/topics/?seq=17283	Trust: 0.8
url:	http://www.adobe.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/416.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/90890	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-8823	Trust: 0.1

sources: ZDI: ZDI-15-665 // VULHUB: VHN-86784 // VULMON: CVE-2015-8823 // BID: 90890 // JVNDB: JVNDB-2015-007107 // CNNVD: CNNVD-201604-545 // NVD: CVE-2015-8823

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-15-665

SOURCES

db:	ZDI	id:	ZDI-15-665
db:	VULHUB	id:	VHN-86784
db:	VULMON	id:	CVE-2015-8823
db:	BID	id:	90890
db:	JVNDB	id:	JVNDB-2015-007107
db:	CNNVD	id:	CNNVD-201604-545
db:	NVD	id:	CVE-2015-8823

LAST UPDATE DATE

2024-11-23T23:02:38.270000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-15-665	date:	2016-04-15T00:00:00
db:	VULHUB	id:	VHN-86784	date:	2016-05-26T00:00:00
db:	VULMON	id:	CVE-2015-8823	date:	2023-05-15T00:00:00
db:	BID	id:	90890	date:	2016-07-06T14:51:00
db:	JVNDB	id:	JVNDB-2015-007107	date:	2016-05-02T00:00:00
db:	CNNVD	id:	CNNVD-201604-545	date:	2016-04-25T00:00:00
db:	NVD	id:	CVE-2015-8823	date:	2024-11-21T02:39:16.100

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-15-665	date:	2016-04-15T00:00:00
db:	VULHUB	id:	VHN-86784	date:	2016-04-22T00:00:00
db:	VULMON	id:	CVE-2015-8823	date:	2016-04-22T00:00:00
db:	BID	id:	90890	date:	2016-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2015-007107	date:	2016-05-02T00:00:00
db:	CNNVD	id:	CNNVD-201604-545	date:	2016-04-25T00:00:00
db:	NVD	id:	CVE-2015-8823	date:	2016-04-22T18:59:00.110