HTTP: Adobe Flash CVE-2015-8445 Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Extended Description

Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a large BitmapData source object.

References

CVE: CVE-2015-8445

Short Name
HTTP:STC:ADOBE:CVE-2015-8445-CE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Adobe CVE-2015-8445 Code Execution Flash Remote
Release Date
12/18/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
CVSS Score

9.3

Found a potential security threat?