CVE-2015-8651 - Vulnerability Details

Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since May 25, 2022.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Adobe	Air Air Sdk Air Sdk \& Compiler Flash Player
Apple	Iphone Os Mac Os X
Google	Android
Hp	Insight Control Insight Control Server Provisioning Matrix Operating Environment System Management Homepage Systems Insight Manager Version Control Repository Manager
Linux	Linux Kernel
Microsoft	Windows
Opensuse	Evergreen Opensuse
Redhat	Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation Rhel Extras
Suse	Linux Enterprise Desktop Linux Enterprise Workstation Extension

Configuration 1 [-]

AND

OR	cpe:2.3:a:adobe:air_sdk::::::::
	cpe:2.3:a:adobe:air_sdk_\&_compiler::::::::

OR	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:google:android::::::::
	cpe:2.3:o:microsoft:windows::::::::

Configuration 2 [-]

AND

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:google:android::::::::
	cpe:2.3:o:microsoft:windows::::::::

Configuration 4 [-]

AND

OR	cpe:2.3:a:adobe:flash_player::::::::
	cpe:2.3:a:adobe:flash_player::::::::

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:microsoft:windows::::::::

Configuration 5 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

Configuration 6 [-]

OR	cpe:2.3:o:opensuse:evergreen:11.4:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1::::::

Configuration 7 [-]

OR	cpe:2.3:a:hp:insight_control::::::::
	cpe:2.3:a:hp:insight_control_server_provisioning::::::::
	cpe:2.3:a:hp:matrix_operating_environment:7.6:::::::*
	cpe:2.3:a:hp:system_management_homepage::::::::
	cpe:2.3:a:hp:systems_insight_manager::::::::
	cpe:2.3:a:hp:version_control_repository_manager::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5 Supplementary
flash-plugin-0:11.2.202.559-1.el5	cpe:/a:redhat:rhel_extras:5	RHSA-2015:2697	2015-12-29T00:00:00Z
Red Hat Enterprise Linux 6 Supplementary
flash-plugin-0:11.2.202.559-1.el6_7	cpe:/a:redhat:rhel_extras:6	RHSA-2015:2697	2015-12-29T00:00:00Z

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html
http://rhn.redhat.com/errata/RHSA-2015-2697.html
http://www.securityfocus.com/bid/79705
http://www.securitytracker.com/id/1034544
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
https://nvd.nist.gov/vuln/detail/CVE-2015-8651
https://security.gentoo.org/glsa/201601-03
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cve.org/CVERecord?id=CVE-2015-8651

History

Tue, 04 Feb 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-05-25'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 13 Aug 2024 23:45:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2015-12-28T23:00:00.000Z

Updated: 2025-02-04T21:45:17.888Z

Reserved: 2015-12-23T00:00:00.000Z

Link: CVE-2015-8651

Vulnrichment

Updated: 2024-08-06T08:20:43.557Z

NVD

Status : Analyzed

Published: 2015-12-28T23:59:19.050

Modified: 2025-02-14T16:15:12.217

Link: CVE-2015-8651

Redhat

Severity : Critical

Publid Date: 2015-12-28T00:00:00Z

Links: CVE-2015-8651 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-28T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-02-16T10:57:01.000Z", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "openSUSE-SU-2015:2403", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"}, {"name": "1034544", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034544"}, {"name": "RHSA-2015:2697", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"}, {"name": "79705", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/79705"}, {"name": "SUSE-SU-2015:2401", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "SUSE-SU-2015:2402", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"}, {"name": "openSUSE-SU-2015:2400", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"}, {"name": "GLSA-201601-03", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201601-03"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8651", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2015:2403", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"}, {"name": "1034544", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034544"}, {"name": "RHSA-2015:2697", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"}, {"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"}, {"name": "79705", "refsource": "BID", "url": "http://www.securityfocus.com/bid/79705"}, {"name": "SUSE-SU-2015:2401", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "SUSE-SU-2015:2402", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"}, {"name": "openSUSE-SU-2015:2400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"}, {"name": "GLSA-201601-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201601-03"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:20:43.557Z"}, "title": "CVE Program Container", "references": [{"name": "openSUSE-SU-2015:2403", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"}, {"name": "1034544", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034544"}, {"name": "RHSA-2015:2697", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"}, {"name": "79705", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/79705"}, {"name": "SUSE-SU-2015:2401", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "SUSE-SU-2015:2402", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"}, {"name": "openSUSE-SU-2015:2400", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"}, {"name": "GLSA-201601-03", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201601-03"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2015-8651", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T21:38:33.542604Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-05-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2015-8651"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T21:45:17.888Z"}}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8651", "datePublished": "2015-12-28T23:00:00.000Z", "dateReserved": "2015-12-23T00:00:00.000Z", "dateUpdated": "2025-02-04T21:45:17.888Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html", "name": "openSUSE-SU-2015:2403", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1034544", "name": "1034544", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html", "name": "RHSA-2015:2697", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/79705", "name": "79705", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html", "name": "SUSE-SU-2015:2401", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html", "name": "SUSE-SU-2015:2402", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html", "name": "openSUSE-SU-2015:2400", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "https://security.gentoo.org/glsa/201601-03", "name": "GLSA-201601-03", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"]}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:20:43.557Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2015-8651", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T21:38:33.542604Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-05-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2015-8651"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T21:38:35.855Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-28T00:00:00.000Z", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html", "name": "openSUSE-SU-2015:2403", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://www.securitytracker.com/id/1034544", "name": "1034544", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html", "name": "RHSA-2015:2697", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.securityfocus.com/bid/79705", "name": "79705", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html", "name": "SUSE-SU-2015:2401", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html", "name": "SUSE-SU-2015:2402", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html", "name": "openSUSE-SU-2015:2400", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "https://security.gentoo.org/glsa/201601-03", "name": "GLSA-201601-03", "tags": ["vendor-advisory", "x_refsource_GENTOO"]}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2017-02-16T10:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html", "name": "openSUSE-SU-2015:2403", "refsource": "SUSE"}, {"url": "http://www.securitytracker.com/id/1034544", "name": "1034544", "refsource": "SECTRACK"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html", "name": "RHSA-2015:2697", "refsource": "REDHAT"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "refsource": "CONFIRM"}, {"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/79705", "name": "79705", "refsource": "BID"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html", "name": "SUSE-SU-2015:2401", "refsource": "SUSE"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "refsource": "CONFIRM"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html", "name": "SUSE-SU-2015:2402", "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html", "name": "openSUSE-SU-2015:2400", "refsource": "SUSE"}, {"url": "https://security.gentoo.org/glsa/201601-03", "name": "GLSA-201601-03", "refsource": "GENTOO"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-8651", "STATE": "PUBLIC", "ASSIGNER": "psirt@adobe.com"}}}}, "cveMetadata": {"cveId": "CVE-2015-8651", "state": "PUBLISHED", "dateUpdated": "2025-02-04T21:45:17.888Z", "dateReserved": "2015-12-23T00:00:00.000Z", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "datePublished": "2015-12-28T23:00:00.000Z", "assignerShortName": "adobe"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-06-15", "cisaExploitAdd": "2022-05-25", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Integer Overflow Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5AEC3F3-52AF-46E6-A4D1-79854036B3C0", "versionEndExcluding": "20.0.0.233", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:air_sdk_\\&_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C954724-30BB-4215-8BEA-930A81B73ADF", "versionEndExcluding": "20.0.0.233", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "340C4071-1447-477F-942A-8E09EA29F917", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A5D0BB1-753D-4C3C-9D86-D095C7964A50", "versionEndExcluding": "11.2.202.559", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "94665D71-220E-47CF-9108-4ABAA833FC87", "versionEndExcluding": "20.0.0.233", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA77DE00-4A06-4C87-96BB-81A6430456D8", "versionEndExcluding": "18.0.0.324", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "17AEDAF8-0784-4735-8245-DE60751067DA", "versionEndExcluding": "20.0.0.267", "versionStartIncluding": "19.0.0.185", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:insight_control:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB12FFA6-C8C5-4052-B6C3-F83119FF21EC", "versionEndExcluding": "7.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:insight_control_server_provisioning:*:*:*:*:*:*:*:*", "matchCriteriaId": "661098DB-F0F8-4AC1-A758-23B33E70BD91", "versionEndExcluding": "7.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:matrix_operating_environment:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "17A5B13C-7BC0-4E6B-9260-12C29AD068AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B49E6F3-2FA7-4B1A-A6AC-AD655CB83586", "versionEndExcluding": "7.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2928FF2-3AD4-4220-B5E3-6069499ABD97", "versionEndExcluding": "7.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:version_control_repository_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E08DDFC5-1DE5-4729-927C-823BB2E087FE", "versionEndExcluding": "7.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento de enteros en Adobe Flash Player en versiones anteriores a 18.0.0.324 y 19.x y 20.x en versiones anteriores a 20.0.0.267 en Windows y OS X y en versiones anteriores a 11.2.202.559 en Linux, Adobe AIR en versiones anteriores a 20.0.0.233, Adobe AIR SDK en versiones anteriores a 20.0.0.233 y Adobe AIR SDK & Compiler en versiones anteriores a 20.0.0.233 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "id": "CVE-2015-8651", "lastModified": "2025-02-14T16:15:12.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2015-12-28T23:59:19.050", "references": [{"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/79705"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1034544"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"source": "psirt@adobe.com", "tags": ["Not Applicable", "Patch", "Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201601-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/79705"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1034544"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable", "Patch", "Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201601-03"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-190"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2015:2697", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "flash-plugin-0:11.2.202.559-1.el5", "product_name": "Red Hat Enterprise Linux 5 Supplementary", "release_date": "2015-12-29T00:00:00Z"}, {"advisory": "RHSA-2015:2697", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "flash-plugin-0:11.2.202.559-1.el6_7", "product_name": "Red Hat Enterprise Linux 6 Supplementary", "release_date": "2015-12-29T00:00:00Z"}], "bugzilla": {"description": "flash-plugin: multiple code execution issues fixed in APSB16-01", "id": "1294580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1294580"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."], "name": "CVE-2015-8651", "public_date": "2015-12-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-8651\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-8651\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-01.html\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Critical"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object