What is the severity of CVE-2015-7639?

CVE-2015-7639 is classified as a critical vulnerability due to its potential to execute arbitrary code.

How do I fix CVE-2015-7639?

To mitigate CVE-2015-7639, update Adobe Flash Player to version 18.0.0.252 or later, and Adobe AIR to version 19.0.0.213 or later.

What platforms are affected by CVE-2015-7639?

CVE-2015-7639 affects Adobe Flash Player versions prior to 18.0.0.252 and 19.x versions before 19.0.0.207, as well as older versions of Adobe AIR.

Can CVE-2015-7639 be exploited remotely?

Yes, CVE-2015-7639 can be exploited remotely through crafted content, allowing attackers to execute code on the victim's machine.

Is CVE-2015-7639 specific to a certain operating system?

CVE-2015-7639 is not limited to a specific operating system but affects Adobe Flash Player and AIR on Windows, macOS, and Linux.

Vulnerability/
CVE-2015-7639

critical

CWE

416

18/10/2015

6/8/2024

CVE-2015-7639: Use After Free

First published: Sun Oct 18 2015(Updated: )

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7637, CVE-2015-7638, CVE-2015-7640, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, and CVE-2015-7644.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe AIR	<=19.0.0.190
Adobe AIR SDK and Compiler	<=19.0.0.190
Adobe AIR SDK & Compiler	<=19.0.0.190
macOS Yosemite
Microsoft Windows
Google Android
Adobe Flash Player for Internet Explorer 11	<=19.0.0.185
Adobe Flash Player for Internet Explorer 11	<=11.2.202.521
Linux Kernel

Remedy

https://helpx.adobe.com/security/products/flash-player/apsb15-25.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-7639?
CVE-2015-7639 is classified as a critical vulnerability due to its potential to execute arbitrary code.
How do I fix CVE-2015-7639?
To mitigate CVE-2015-7639, update Adobe Flash Player to version 18.0.0.252 or later, and Adobe AIR to version 19.0.0.213 or later.
What platforms are affected by CVE-2015-7639?
CVE-2015-7639 affects Adobe Flash Player versions prior to 18.0.0.252 and 19.x versions before 19.0.0.207, as well as older versions of Adobe AIR.
Can CVE-2015-7639 be exploited remotely?
Yes, CVE-2015-7639 can be exploited remotely through crafted content, allowing attackers to execute code on the victim's machine.
Is CVE-2015-7639 specific to a certain operating system?
CVE-2015-7639 is not limited to a specific operating system but affects Adobe Flash Player and AIR on Windows, macOS, and Linux.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/remedy
agent/author
agent/last-modified-date
agent/weakness
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe air
version/adobe air/19.0.0.190
canonical/adobe air sdk and compiler
version/adobe air sdk and compiler/19.0.0.190
canonical/adobe air sdk & compiler
version/adobe air sdk & compiler/19.0.0.190
vendor/apple
canonical/macos yosemite
vendor/microsoft
canonical/microsoft windows
vendor/google
canonical/google android
canonical/adobe flash player for internet explorer 11
version/adobe flash player for internet explorer 11/19.0.0.185
version/adobe flash player for internet explorer 11/11.2.202.521
vendor/linux
canonical/linux kernel