CVE-2015-6682: Use After Free

First published: Tue Sep 22 2015(Updated: )

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-5584.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Flash Player	<=13.0.0.289
Adobe Flash Player	=14.0.0.125
Adobe Flash Player	=14.0.0.145
Adobe Flash Player	=14.0.0.176
Adobe Flash Player	=14.0.0.179
Adobe Flash Player	=15.0.0.152
Adobe Flash Player	=15.0.0.167
Adobe Flash Player	=15.0.0.189
Adobe Flash Player	=15.0.0.223
Adobe Flash Player	=15.0.0.239
Adobe Flash Player	=15.0.0.246
Adobe Flash Player	=16.0.0.235
Adobe Flash Player	=16.0.0.257
Adobe Flash Player	=16.0.0.287
Adobe Flash Player	=16.0.0.296
Adobe Flash Player	=17.0.0.134
Adobe Flash Player	=17.0.0.169
Adobe Flash Player	=17.0.0.188
Adobe Flash Player	=17.0.0.190
Adobe Flash Player	=17.0.0.191
Adobe Flash Player	=18.0.0.160
Adobe Flash Player	=18.0.0.194
Adobe Flash Player	=18.0.0.203
Adobe Flash Player	=18.0.0.209
Adobe Flash Player	=18.0.0.232
Apple Mac OS X
Microsoft Windows
Adobe AIR	<=18.0.0.143
Google Android
Adobe AIR	<=18.0.0.199
Adobe AIR SDK	<=18.0.0.199
Adobe Air Sdk \& Compiler	<=18.0.0.180
Adobe Flash Player	<=11.2.202.508
Linux Linux kernel

Remedy

https://helpx.adobe.com/security/products/flash-player/apsb15-23.html

Never miss a vulnerability like this again

Reference Links

agent/severity
agent/references
agent/weakness
agent/author
agent/type
agent/tags
agent/description
agent/event
agent/softwarecombine
agent/first-publish-date
agent/remedy
agent/last-modified-date
collector/nvd-index
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
vendor/adobe
canonical/adobe flash player
version/adobe flash player/13.0.0.289
version/adobe flash player/14.0.0.125
version/adobe flash player/14.0.0.145
version/adobe flash player/14.0.0.176
version/adobe flash player/14.0.0.179
version/adobe flash player/15.0.0.152
version/adobe flash player/15.0.0.167
version/adobe flash player/15.0.0.189
version/adobe flash player/15.0.0.223
version/adobe flash player/15.0.0.239
version/adobe flash player/15.0.0.246
version/adobe flash player/16.0.0.235
version/adobe flash player/16.0.0.257
version/adobe flash player/16.0.0.287
version/adobe flash player/16.0.0.296
version/adobe flash player/17.0.0.134
version/adobe flash player/17.0.0.169
version/adobe flash player/17.0.0.188
version/adobe flash player/17.0.0.190
version/adobe flash player/17.0.0.191
version/adobe flash player/18.0.0.160
version/adobe flash player/18.0.0.194
version/adobe flash player/18.0.0.203
version/adobe flash player/18.0.0.209
version/adobe flash player/18.0.0.232
vendor/apple
canonical/apple mac os x
vendor/microsoft
canonical/microsoft windows
canonical/adobe air
version/adobe air/18.0.0.143
vendor/google
canonical/google android
version/adobe air/18.0.0.199
canonical/adobe air sdk
version/adobe air sdk/18.0.0.199
canonical/adobe air sdk \& compiler
version/adobe air sdk \& compiler/18.0.0.180
version/adobe flash player/11.2.202.508
vendor/linux
canonical/linux linux kernel

CVE-2015-6682: Use After Free

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact