Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2015-8642

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.

  • Published: Dec 29, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-8642
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.8
  • AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
adobe / flash_player - 18.0.0.268.x
adobe / flash_player 19.0.0.185 19.0.0.185.x
adobe / flash_player 19.0.0.207 19.0.0.207.x
adobe / flash_player 19.0.0.226 19.0.0.226.x
adobe / flash_player 19.0.0.245 19.0.0.245.x
adobe / flash_player 20.0.0.228 20.0.0.228.x
adobe / flash_player 20.0.0.235 20.0.0.235.x
adobe / air_sdk - 20.0.0.204.x
adobe / air_sdk_&_compiler - 20.0.0.204.x
adobe / flash_player - 11.2.202.554.x
adobe / air - 20.0.0.204.x