Vulnerability Description
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player Desktop Runtime | <= 32.0.0.207 |
| Apple | Macos | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Adobe | Flash Player | <= 32.0.0.207 |
| Chrome Os | - | |
| Microsoft | Windows 10 | - |
| Microsoft | Windows 8.1 | - |
| Chrome | < 87.0.4280.66 | |
| Debian | Debian Linux | 10.0 |
| Fedoraproject | Fedora | 32 |
References
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_Release NotesThird Party Advisory
- https://crbug.com/945997Mailing ListThird Party Advisory
- https://helpx.adobe.com/security/products/flash-player/apsb19-30.htmlPatchVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://www.debian.org/security/2021/dsa-4824Third Party Advisory
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_Release NotesThird Party Advisory
- https://crbug.com/945997Mailing ListThird Party Advisory
- https://helpx.adobe.com/security/products/flash-player/apsb19-30.htmlPatchVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://www.debian.org/security/2021/dsa-4824Third Party Advisory
FAQ
What is CVE-2019-8075?
CVE-2019-8075 is a vulnerability with a CVSS score of 7.5 (HIGH). Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current us...
How severe is CVE-2019-8075?
CVE-2019-8075 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-8075?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player Desktop Runtime, Apple Macos, Linux Linux Kernel, Microsoft Windows, Adobe Flash Player.