Published on: 12 August 2015
Security updates are released for Adobe Flash Player to address multiple vulnerabilities caused by type confusion, various buffer overflow, use-after-free error and memory corruption. To successfully exploit the vulnerabilities, a remote attacker could entice a targeted user to open a specially crafted web page, Flash file, or document that supports embedded Flash content.
A successful attack could lead to arbitrary code execution or potentially take control of the affected system.
Upgrade Adobe Flash Player to the following versions to address the issues. The upgrade can be obtained by using the auto-update mechanism or by downloading at the following URLs:
If you have multiple browsers, you are required to perform the Adobe Flash Player upgrade for each browser, the Flash Player version can be checked at http://www.adobe.com/software/flash/about/
https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
https://technet.microsoft.com/library/security/2755801
https://www.hkcert.org/my_url/en/alert/15081215
https://www.us-cert.gov/ncas/current-activity/2015/08/11/Adobe-Releases-Security-Updates-Flash-Player
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5124 (to CVE-2015-5125)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5127 (to CVE-2015-5134)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5539 (to CVE-2015-5541)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5544 (to CVE-2015-5564)