Zenith Live is coming to Europe in October. Join us! Learn More
Zenith Live is coming to Europe in October. Join us!
Learn More

Zero trust security

Make it possible

Your Mission

 

Security Advisory - December 29, 2015

Zscaler Protects against Multiple Security Vulnerabilities in Adobe Flash Player

 

 

Zscaler, working with Microsoft through their MAPP program, has deployed protections for the following 14 vulnerabilities included in the December 2015 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections as necessary.

APSB16-01Security updates available for Flash Player

Severity: Critical
Affected Software

  • Adobe Flash Player Desktop Runtime 20.0.0.235 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.268 and earlier
  • Adobe Flash Player for Google Chrome 20.0.0.228 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.228 and earlier
  • Adobe Flash Player for Internet Explorer 10 and 11 20.0.0.228 and earlier
  • Adobe Flash Player for Linux 11.2.202.554 and earlier
  • AIR Desktop Runtime 20.0.0.204 and earlier
  • AIR SDK 20.0.0.204 and earlier
  • AIR SDK & Compiler 20.0.0.204 and earlier
  • AIR for Android 20.0.0.204 and earlier

CVE-2015-8460 – Flash Player Memory Corruption Vulnerability

CVE-2015-8634 – Flash Player Use After Free Vulnerability

CVE-2015-8635 – Flash Player Use After Free Vulnerability

CVE-2015-8636 – Flash Player Memory Corruption Vulnerability

CVE-2015-8638 – Flash Player Use After Free Vulnerability

CVE-2015-8640 – Flash Player Use After Free Vulnerability

CVE-2015-8642 – Flash Player Use After Free Vulnerability

CVE-2015-8643 – Flash Player Use After Free Vulnerability

CVE-2015-8644 – Flash Player Type Confusion Vulnerability

CVE-2015-8646 – Flash Player Use After Free Vulnerability

CVE-2015-8648 – Flash Player Use After Free Vulnerability

CVE-2015-8649 – Flash Player Use After Free Vulnerability

CVE-2015-8650 – Flash Player Use After Free Vulnerability

CVE-2015-8651 – Flash Player Use After Free Vulnerability

Description: Critical vulnerabilities have been identified in Adobe Flash Player. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.