High severity8.8NVD Advisory· Published Dec 28, 2015· Updated Jun 17, 2026
CVE-2015-8644
CVE-2015-8644
Description
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*range: <=20.0.0.204
- (no CPE)range: <20.0.0.233
cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*range: <=20.0.0.204
- (no CPE)range: <20.0.0.233
- cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*Range: <=20.0.0.204
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=18.0.0.268
- cpe:2.3:a:adobe:flash_player:19.0.0.185:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:19.0.0.207:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:19.0.0.226:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:20.0.0.235:*:*:*:*:*:*:*
- (no CPE)range: <18.0.0.324 || (>=19.0 && <20.0.0.267)
- osv-coords6 versionspkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1
< 11.2.202.559-0.32.1+ 5 more
- (no CPE)range: < 11.2.202.559-0.32.1
- (no CPE)range: < 11.2.202.559-0.32.1
- (no CPE)range: < 11.2.202.559-117.1
- (no CPE)range: < 11.2.202.559-117.1
- (no CPE)range: < 11.2.202.559-117.1
- (no CPE)range: < 11.2.202.559-117.1
Patches
Vulnerability mechanics
References
13- helpx.adobe.com/security/products/flash-player/apsb16-01.htmlnvdPatchVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-2697.htmlnvd
- www.securityfocus.com/bid/79704nvd
- www.securitytracker.com/id/1034544nvd
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
- security.gentoo.org/glsa/201601-03nvd
- www.exploit-db.com/exploits/39476/nvd
News mentions
0No linked articles in our index yet.