Adobe patches another 19 Flash Player bugs, one of them is exploited in the wild

Posted on Tuesday, Dec 29 2015 @ 11:02 CET by Thomas De Maesschalck
Flash logo
Adobe published a new patch for Flash Player that addresses 19 security bugs. Users of the Flash Player are recommended to upgrade asap as one of the flaws, which involves an overflow vulnerability, is actively exploited in the wild.

The total number of fixed security vulnerabilities in 2015 now stands at 319. That's almost one security flaw per day, a perfect illustration of how buggy the Flash Player is.
Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Adobe is aware of a report that an exploit for CVE-2015-8651 is being used in limited, targeted attacks.

Vulnerability Details:
  • These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-8644).
  • These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-8651).
  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650).
  • These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-8459, CVE-2015-8460, CVE-2015-8636, CVE-2015-8645).

  • About the Author

    Thomas De Maesschalck

    Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

    Loading Comments