Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2015-7645 | Adobe Flash Player Arbitrary Code Execution Vulnerability | exploitation_technique | T1204.002 | Malicious File |
Comments
This vulnerability is exploited by the user opening a maliciously-crafted .swf file.
References
|