CVE-2015-5576
Description
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.873
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Upgrade Adobe flash player 18.0.0.232 to latest version | Windows |
| Upgrade air 18.0.0.199 to latest version | Windows |
| Multiple vulnerabilities affected in Adobe Flash Player Plugin 18.0.0.232 | Windows |
| Multiple vulnerabilities affected in Adobe Flash Player PPAPI 18.0.0.232 | Windows |
| Multiple Vulnerabilities are affected in Adobe AIR For Mac 18.0.0.180 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-601945 | Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234