CVE-2015-3083

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3082 and CVE-2015-3085.

Published: May 13, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-3083
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
adobe / flash_player	-	11.2.202.475.x
adobe / air_sdk	-	17.0.0.144.x
adobe / air	-	17.0.0.144.x
adobe / air_sdk_&_compiler	-	17.0.0.144.x
adobe / flash_player	-	13.0.0.264.x
adobe / flash_player	14.0.0.125	14.0.0.125.x
adobe / flash_player	14.0.0.145	14.0.0.145.x
adobe / flash_player	14.0.0.176	14.0.0.176.x
adobe / flash_player	14.0.0.179	14.0.0.179.x
adobe / flash_player	15.0.0.152	15.0.0.152.x
adobe / flash_player	15.0.0.167	15.0.0.167.x
adobe / flash_player	15.0.0.189	15.0.0.189.x
adobe / flash_player	15.0.0.223	15.0.0.223.x
adobe / flash_player	15.0.0.239	15.0.0.239.x
adobe / flash_player	15.0.0.246	15.0.0.246.x
adobe / flash_player	16.0.0.235	16.0.0.235.x
adobe / flash_player	16.0.0.257	16.0.0.257.x
adobe / flash_player	16.0.0.287	16.0.0.287.x
adobe / flash_player	16.0.0.296	16.0.0.296.x
adobe / flash_player	17.0.0.134	17.0.0.134.x
adobe / flash_player	17.0.0.169	17.0.0.169.x

Vulnerability Database

289,697

CVE-2015-3083