VYPR
Unrated severity · NVD Advisory · Published Oct 14, 2015 · Updated May 6, 2026

CVE-2015-7625

Description

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Adobe Flash Player before 18.0.0.252/19.0.0.207 (or 11.2.202.535 on Linux) and AIR before 19.0.0.213 have a memory corruption vulnerability allowing code execution or denial of service via unspecified vectors.

Vulnerability

This is a memory corruption vulnerability in Adobe Flash Player affecting versions before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X, and before 11.2.202.535 on Linux. Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 are also affected. The flaw is triggered via unspecified vectors, indicating that an attacker can craft a malicious SWF file to corrupt memory [1][2][3].

Exploitation

To exploit this vulnerability, an attacker needs to deliver a specially crafted SWF file to the victim. The victim must load a page or open content that uses the malicious SWF file. No additional authentication or special network position beyond standard web delivery is required. The exact exploitation steps are not publicly detailed, but the vulnerability is known to be remotely exploitable [2][3].

Impact

Successful exploitation can allow an attacker to execute arbitrary code with the privileges of the affected process, or cause a denial of service (application crash). This could lead to full system compromise if the Flash process runs with high privileges. The vulnerability also has the potential for information disclosure as part of the memory corruption [2][3].

Mitigation

Adobe released fixed versions: Flash Player 18.0.0.252/19.0.0.207 (Windows/OS X) and 11.2.202.535 (Linux), and Adobe AIR 19.0.0.213. Red Hat provided updated packages (flash-plugin-11.2.202.548) for Red Hat Enterprise Linux 5 Supplementary [2]. Gentoo users can upgrade to www-plugins/adobe-flash-11.2.202.548 [3]. There is no known workaround; users should apply the update promptly [3]. This CVE is not listed in CISA's Known Exploited Vulnerabilities catalog.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

10

References

10
