Summary
This host is installed with Adobe Air
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow
remote attackers to disclose potentially sensitive information and compromise a user's system.
Impact Level: System/Application.
Solution
Upgrade to Adobe AIR version 16.0.0.245
or later. For updates refer to http://get.adobe.com/air
Insight
Multiple flaws exists due to,
- An unspecified error related to improper file validation.
- Another unspecified error which can be exploited to capture keystrokes.
- Two unspecified errors which can be exploited to corrupt memory.
- Two unspecified errors which can be exploited to cause a heap-based buffer overflow.
- A type confusion error which can be exploited to corrupt memory.
- An out-of-bounds read error.
- An unspecified use-after-free error.
Affected
Adobe AIR before version 16.0.0.245
on Mac OS X
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2015-0301, CVE-2015-0302, CVE-2015-0303, CVE-2015-0304, CVE-2015-0305, CVE-2015-0306, CVE-2015-0307, CVE-2015-0308, CVE-2015-0309 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)