What is the severity of CVE-2015-4428?

The severity of CVE-2015-4428 is considered critical due to its potential to allow arbitrary code execution.

How do I fix CVE-2015-4428?

To fix CVE-2015-4428, upgrade Adobe Flash Player to the latest version available beyond 13.0.0.302, 14.x through 18.x before 18.0.0.203, or Adobe AIR to version 18.0.0.180 or newer.

What platforms are impacted by CVE-2015-4428?

CVE-2015-4428 affects Adobe Flash Player on Windows, OS X, and Linux as well as Adobe AIR on various platforms.

Is Adobe AIR impacted by CVE-2015-4428?

Yes, Adobe AIR versions before 18.0.0.180 are also affected by CVE-2015-4428.

Vulnerability/
CVE-2015-4428

critical

CWE

416

9/7/2015

6/8/2024

CVE-2015-4428: Use After Free

Q: Which versions of Adobe Flash Player are affected by CVE-2015-4428?

Adobe Flash Player versions before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 are affected by CVE-2015-4428.

First published: Thu Jul 09 2015(Updated: )

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4430, and CVE-2015-5117.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Flash Player for Internet Explorer 11	<=13.0.0.289
Adobe Flash Player for Internet Explorer 11	=14.0.0.125
Adobe Flash Player for Internet Explorer 11	=14.0.0.145
Adobe Flash Player for Internet Explorer 11	=14.0.0.176
Adobe Flash Player for Internet Explorer 11	=14.0.0.179
Adobe Flash Player for Internet Explorer 11	=15.0.0.152
Adobe Flash Player for Internet Explorer 11	=15.0.0.167
Adobe Flash Player for Internet Explorer 11	=15.0.0.189
Adobe Flash Player for Internet Explorer 11	=15.0.0.223
Adobe Flash Player for Internet Explorer 11	=15.0.0.239
Adobe Flash Player for Internet Explorer 11	=15.0.0.246
Adobe Flash Player for Internet Explorer 11	=16.0.0.235
Adobe Flash Player for Internet Explorer 11	=16.0.0.257
Adobe Flash Player for Internet Explorer 11	=16.0.0.287
Adobe Flash Player for Internet Explorer 11	=16.0.0.296
Adobe Flash Player for Internet Explorer 11	=17.0.0.134
Adobe Flash Player for Internet Explorer 11	=17.0.0.169
Adobe Flash Player for Internet Explorer 11	=17.0.0.188
Adobe Flash Player for Internet Explorer 11	=17.0.0.190
Adobe Flash Player for Internet Explorer 11	=18.0.0.160
Adobe Flash Player for Internet Explorer 11	=18.0.0.194
macOS Yosemite
Microsoft Windows
Adobe Flash Player for Internet Explorer 11	<=11.2.202.468
Linux Kernel
Adobe AIR	<=18.0.0.144
Adobe AIR SDK and Compiler	<=18.0.0.144
Adobe AIR SDK & Compiler	<=18.0.0.144

Remedy

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-4428?
The severity of CVE-2015-4428 is considered critical due to its potential to allow arbitrary code execution.
How do I fix CVE-2015-4428?
To fix CVE-2015-4428, upgrade Adobe Flash Player to the latest version available beyond 13.0.0.302, 14.x through 18.x before 18.0.0.203, or Adobe AIR to version 18.0.0.180 or newer.
Which versions of Adobe Flash Player are affected by CVE-2015-4428?
Adobe Flash Player versions before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 are affected by CVE-2015-4428.
What platforms are impacted by CVE-2015-4428?
CVE-2015-4428 affects Adobe Flash Player on Windows, OS X, and Linux as well as Adobe AIR on various platforms.
Is Adobe AIR impacted by CVE-2015-4428?
Yes, Adobe AIR versions before 18.0.0.180 are also affected by CVE-2015-4428.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/last-modified-date
agent/references
agent/author
agent/weakness
agent/event
agent/first-publish-date
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
vendor/adobe
canonical/adobe flash player for internet explorer 11
version/adobe flash player for internet explorer 11/13.0.0.289
version/adobe flash player for internet explorer 11/14.0.0.125
version/adobe flash player for internet explorer 11/14.0.0.145
version/adobe flash player for internet explorer 11/14.0.0.176
version/adobe flash player for internet explorer 11/14.0.0.179
version/adobe flash player for internet explorer 11/15.0.0.152
version/adobe flash player for internet explorer 11/15.0.0.167
version/adobe flash player for internet explorer 11/15.0.0.189
version/adobe flash player for internet explorer 11/15.0.0.223
version/adobe flash player for internet explorer 11/15.0.0.239
version/adobe flash player for internet explorer 11/15.0.0.246
version/adobe flash player for internet explorer 11/16.0.0.235
version/adobe flash player for internet explorer 11/16.0.0.257
version/adobe flash player for internet explorer 11/16.0.0.287
version/adobe flash player for internet explorer 11/16.0.0.296
version/adobe flash player for internet explorer 11/17.0.0.134
version/adobe flash player for internet explorer 11/17.0.0.169
version/adobe flash player for internet explorer 11/17.0.0.188
version/adobe flash player for internet explorer 11/17.0.0.190
version/adobe flash player for internet explorer 11/18.0.0.160
version/adobe flash player for internet explorer 11/18.0.0.194
vendor/apple
canonical/macos yosemite
vendor/microsoft
canonical/microsoft windows
version/adobe flash player for internet explorer 11/11.2.202.468
vendor/linux
canonical/linux kernel
canonical/adobe air
version/adobe air/18.0.0.144
canonical/adobe air sdk and compiler
version/adobe air sdk and compiler/18.0.0.144
canonical/adobe air sdk & compiler
version/adobe air sdk & compiler/18.0.0.144

CVE-2015-4428: Use After Free

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-4428?

How do I fix CVE-2015-4428?

Which versions of Adobe Flash Player are affected by CVE-2015-4428?

What platforms are impacted by CVE-2015-4428?

Is Adobe AIR impacted by CVE-2015-4428?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-4428?

How do I fix CVE-2015-4428?

Which versions of Adobe Flash Player are affected by CVE-2015-4428?

What platforms are impacted by CVE-2015-4428?

Is Adobe AIR impacted by CVE-2015-4428?