Adobe AIR for Mac <= 188.8.131.52 Multiple Vulnerabilities (APSB16-01)
High Nessus Plugin ID 87658
SynopsisThe remote Mac OS X host has a browser plugin installed that is affected by multiple vulnerabilities.
DescriptionThe version of Adobe AIR installed on the remote Mac OS X host is equal or prior to version 184.108.40.206. It is, therefore, affected by multiple vulnerabilities :
- A type confusion error exists that a remote attacker can exploit to execute arbitrary code. (CVE-2015-8644)
- An integer overflow condition exists that a remote attacker can exploit to execute arbitrary code.
- Multiple use-after-free errors exist that a remote attacker can exploit to execute arbitrary code.
(CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2016-0959)
- Multiple memory corruption issues exist that allow a remote attacker to execute arbitrary code.
(CVE-2015-8459, CVE-2015-8460, CVE-2015-8636, CVE-2015-8645)
SolutionUpgrade to Adobe AIR version 220.127.116.11 or later.