CyberSec.Space Logo
Back to CVE Browser

CVE-2015-7645

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score50.7170%
EPSS Percentile93.14th
PublishedOct 15, 2015
Last ModifiedApr 22, 2026

Vulnerability Description

Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.

Affected Platforms (CPE)

πŸ“¦
Adobe

Flash Player

>= 18.0.0.160 and <= 18.0.0.252
πŸ“¦
Adobe

Flash Player

= 19.0.0.185
πŸ“¦
Adobe

Flash Player

= 19.0.0.207
πŸ“¦
Adobe

Flash Player

<= 11.2.202.535
πŸ’»
Opensuse

Evergreen

= 11.4
πŸ’»
Opensuse

Opensuse

= 13.1
πŸ’»
Opensuse

Opensuse

= 13.2
πŸ’»
Suse

Linux Enterprise Desktop

= 11
πŸ’»
Suse

Linux Enterprise Desktop

= 11
πŸ’»
Suse

Linux Enterprise Desktop

= 12
πŸ’»
Suse

Linux Enterprise Workstation Extension

= 12
πŸ’»
Redhat

Enterprise Linux Desktop

= 5.0
πŸ’»
Redhat

Enterprise Linux Desktop

= 6.0
πŸ’»
Redhat

Enterprise Linux Eus

= 6.7
πŸ’»
Redhat

Enterprise Linux Server

= 5.0
πŸ’»
Redhat

Enterprise Linux Server

= 6.0
πŸ’»
Redhat

Enterprise Linux Server From Rhui

= 5.0
πŸ’»
Redhat

Enterprise Linux Server From Rhui

= 6.0
πŸ’»
Redhat

Enterprise Linux Workstation

= 5.0
πŸ’»
Redhat

Enterprise Linux Workstation

= 6.0

References & Advisories

πŸ”— http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00015.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00016.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00017.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html
πŸ”— http://packetstormsecurity.com/files/134009/Adobe-Flash-IExternalizable.writeExternal-Type-Confusion.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2015-1913.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2015-2024.html

Related Vulnerabilities

CVE-2012-525510.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525610.0

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11....

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525710.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...