1. Home
  2. CVE Database
  3. CVE-2015-8445
HIGH · 9.3

CVE-2015-8445

Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before ...

Vulnerability Description

Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a large BitmapData source object.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
AdobeAir Sdk<= 19.0.0.241
AdobeAir Sdk \& Compiler<= 19.0.0.241
AppleIphone OsAll versions
AppleMac Os XAll versions
GoogleAndroidAll versions
MicrosoftWindowsAll versions
AdobeFlash Player<= 11.2.202.548
LinuxLinux KernelAll versions
AdobeAir<= 19.0.0.241

Related Weaknesses (CWE)

CWE-189

References

FAQ

What is CVE-2015-8445?

CVE-2015-8445 is a vulnerability with a CVSS score of 9.3 (HIGH). Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before ...

How severe is CVE-2015-8445?

CVE-2015-8445 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-8445?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Air Sdk, Adobe Air Sdk \& Compiler, Apple Iphone Os, Apple Mac Os X, Google Android.