QwikSec

Security Database

CVE

CWE

Training

CVE-2015-8438

Published: Dec 10, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted XML object that is mishandled during a toString call, a different vulnerability than CVE-2015-8446.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2015:2239

vendor-advisory

x_refsource_SUSE

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

x_refsource_CONFIRM

https://helpx.adobe.com/security/products/flash-player/apsb15-32.html

x_refsource_CONFIRM

SUSE-SU-2015:2236

vendor-advisory

x_refsource_SUSE

http://zerodayinitiative.com/advisories/ZDI-15-605

x_refsource_MISC

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

x_refsource_CONFIRM

SUSE-SU-2015:2247

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_GENTOO

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2015-8438 - Security Vulnerability | QwikSec