What is the severity of CVE-2015-4428?

The severity of CVE-2015-4428 is considered critical due to its potential to allow arbitrary code execution.

How do I fix CVE-2015-4428?

To fix CVE-2015-4428, upgrade Adobe Flash Player to the latest version available beyond 13.0.0.302, 14.x through 18.x before 18.0.0.203, or Adobe AIR to version 18.0.0.180 or newer.

What platforms are impacted by CVE-2015-4428?

CVE-2015-4428 affects Adobe Flash Player on Windows, OS X, and Linux as well as Adobe AIR on various platforms.

Is Adobe AIR impacted by CVE-2015-4428?

Yes, Adobe AIR versions before 18.0.0.180 are also affected by CVE-2015-4428.

Vulnerability/
CVE-2015-4428

critical

CWE

416

9/7/2015

6/8/2024

CVE-2015-4428: Use After Free

Q: Which versions of Adobe Flash Player are affected by CVE-2015-4428?

Adobe Flash Player versions before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 are affected by CVE-2015-4428.

First published: Thu Jul 09 2015(Updated: )

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4430, and CVE-2015-5117.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Macromedia Flash Player	<=13.0.0.289
Macromedia Flash Player	=14.0.0.125
Macromedia Flash Player	=14.0.0.145
Macromedia Flash Player	=14.0.0.176
Macromedia Flash Player	=14.0.0.179
Macromedia Flash Player	=15.0.0.152
Macromedia Flash Player	=15.0.0.167
Macromedia Flash Player	=15.0.0.189
Macromedia Flash Player	=15.0.0.223
Macromedia Flash Player	=15.0.0.239
Macromedia Flash Player	=15.0.0.246
Macromedia Flash Player	=16.0.0.235
Macromedia Flash Player	=16.0.0.257
Macromedia Flash Player	=16.0.0.287
Macromedia Flash Player	=16.0.0.296
Macromedia Flash Player	=17.0.0.134
Macromedia Flash Player	=17.0.0.169
Macromedia Flash Player	=17.0.0.188
Macromedia Flash Player	=17.0.0.190
Macromedia Flash Player	=18.0.0.160
Macromedia Flash Player	=18.0.0.194
Apple iOS and macOS
Microsoft Windows Operating System
Macromedia Flash Player	<=11.2.202.468
Linux Kernel
Adobe	<=18.0.0.144
Adobe AIR	<=18.0.0.144
Adobe AIR SDK & Compiler	<=18.0.0.144

Remedy

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-4428?
The severity of CVE-2015-4428 is considered critical due to its potential to allow arbitrary code execution.
How do I fix CVE-2015-4428?
To fix CVE-2015-4428, upgrade Adobe Flash Player to the latest version available beyond 13.0.0.302, 14.x through 18.x before 18.0.0.203, or Adobe AIR to version 18.0.0.180 or newer.
Which versions of Adobe Flash Player are affected by CVE-2015-4428?
Adobe Flash Player versions before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 are affected by CVE-2015-4428.
What platforms are impacted by CVE-2015-4428?
CVE-2015-4428 affects Adobe Flash Player on Windows, OS X, and Linux as well as Adobe AIR on various platforms.
Is Adobe AIR impacted by CVE-2015-4428?
Yes, Adobe AIR versions before 18.0.0.180 are also affected by CVE-2015-4428.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/last-modified-date
agent/references
agent/author
agent/weakness
agent/event
agent/first-publish-date
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/macromedia flash player
version/macromedia flash player/13.0.0.289
version/macromedia flash player/14.0.0.125
version/macromedia flash player/14.0.0.145
version/macromedia flash player/14.0.0.176
version/macromedia flash player/14.0.0.179
version/macromedia flash player/15.0.0.152
version/macromedia flash player/15.0.0.167
version/macromedia flash player/15.0.0.189
version/macromedia flash player/15.0.0.223
version/macromedia flash player/15.0.0.239
version/macromedia flash player/15.0.0.246
version/macromedia flash player/16.0.0.235
version/macromedia flash player/16.0.0.257
version/macromedia flash player/16.0.0.287
version/macromedia flash player/16.0.0.296
version/macromedia flash player/17.0.0.134
version/macromedia flash player/17.0.0.169
version/macromedia flash player/17.0.0.188
version/macromedia flash player/17.0.0.190
version/macromedia flash player/18.0.0.160
version/macromedia flash player/18.0.0.194
vendor/apple
canonical/apple ios and macos
vendor/microsoft
canonical/microsoft windows operating system
version/macromedia flash player/11.2.202.468
vendor/linux
canonical/linux kernel
canonical/adobe
version/adobe/18.0.0.144
canonical/adobe air
version/adobe air/18.0.0.144
canonical/adobe air sdk & compiler
version/adobe air sdk & compiler/18.0.0.144

CVE-2015-4428: Use After Free

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-4428?

How do I fix CVE-2015-4428?

Which versions of Adobe Flash Player are affected by CVE-2015-4428?

What platforms are impacted by CVE-2015-4428?

Is Adobe AIR impacted by CVE-2015-4428?

Company

Resources

Contact