Strix
26.1K

CVE-2015-8417

UnknownEPSS 6.13%

Last modified

CVE-2015-8417 is a vulnerability of currently unknown severity. Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.. EPSS estimates a 6.13% chance of exploitation in the next 30 days.

Description

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.

Metrics

EPSS Probability
6.13%

92.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AdobeFlash Player<= 11.2.202.548
AdobeFlash Player<= 18.0.0.261
AdobeFlash Player19.0.0.185
AdobeFlash Player19.0.0.207
AdobeFlash Player19.0.0.226
AdobeFlash Player19.0.0.245
AdobeAir<= 19.0.0.241
AdobeAir Sdk<= 19.0.0.241
AdobeAir Sdk \& Compiler<= 19.0.0.241

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2015-8417?
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
How severe is CVE-2015-8417?
Severity scoring for CVE-2015-8417 is pending analysis. The EPSS model estimates a 6.13% probability of exploitation in the next 30 days.
How do I fix CVE-2015-8417?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-8417?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST