Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2015-8651 | Adobe Flash Player Integer Overflow Vulnerability | secondary_impact | T1486 | Data Encrypted for Impact |
Comments
This vulnerability is exploited with maliciously-crafted code hosted on a website via drive-by compromise. It has been seen used in the wild by exploit kits whose goal is frequently to load ransomware onto the target machine.
References
|
| CVE-2015-8651 | Adobe Flash Player Integer Overflow Vulnerability | primary_impact | T1105 | Ingress Tool Transfer |
Comments
This vulnerability is exploited with maliciously-crafted code hosted on a website via drive-by compromise. It has been seen used in the wild by exploit kits whose goal is frequently to load ransomware onto the target machine.
References
|
| CVE-2015-8651 | Adobe Flash Player Integer Overflow Vulnerability | exploitation_technique | T1189 | Drive-by Compromise |
Comments
This vulnerability is exploited with maliciously-crafted code hosted on a website via drive-by compromise. It has been seen used in the wild by exploit kits whose goal is frequently to load ransomware onto the target machine.
References
|