Adobe Flash Player Vulnerability (CVE-2015-7645)
Publish date: April 11, 2016
Severity: CRITICAL
CVE Identifier: CVE-2015-7645
Advisory Date: OCT 14, 2015
DESCRIPTION
This is a zero-day vulnerability in Adobe Flash Player is reportedly used by the Pawn Storm targeted attack campaign. The said vulnerability exists in Adobe Flash Player versions 19.0.0.207 and earlier for Windows and Mac operating systems.
Trend Micro researcher Peter Pi discovered and reported the details of the vulnerability to Adobe. The said company credited Pi for his research contribution.
TREND MICRO PROTECTION INFORMATION
Vulnerability Protection in Trend Micro Deep Security protects user systems from threats that may leverage this vulnerability with the following DPI rule:
- 1007119 - Identified Malicious Adobe Flash SWF File - 2
AFFECTED SOFTWARE AND VERSION
- Adobe Flash Player 19.0.0.207 and earlier
Featured Stories
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more
Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native ApplicationsWe provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.Read more
Trends and Shifts in the Underground N-Day Exploit MarketOur two-year research provides insights into the life cycle of exploits, the types of exploit buyers and sellers, and the business models that are reshaping the underground exploit market.Read more