CVE-2015-5572

CVSS V2 Medium 5 CVSS V3 None
Description
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
Overview
  • CVE ID
  • CVE-2015-5572
  • Assigner
  • psirt@adobe.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2015-09-22T10:59:05
  • Last Modified Date
  • 2017-02-17T02:59:02
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:* 1 OR 18.0.0.199
cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:* 1 OR 18.0.0.199
cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:* 1 OR 18.0.0.180
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* 1 OR 11.2.202.508
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* 1 OR 13.0.0.289
cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:17.0.0.134:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:17.0.0.169:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:17.0.0.190:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:17.0.0.191:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:18.0.0.160:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:18.0.0.194:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:18.0.0.209:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:18.0.0.232:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:* 1 OR 18.0.0.143
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
History
Created Old Value New Value Data Type Notes
2022-05-10 09:48:43 Added to TrackCVE
2022-12-02 06:28:22 2015-09-22T10:59Z 2015-09-22T10:59:05 CVE Published Date updated
2022-12-02 06:28:23 2017-02-17T02:59:02 CVE Modified Date updated
2022-12-02 06:28:23 Modified Vulnerability Status updated