Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2015-06-24 CVE-2015-3112 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge and Photoshop CC
Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2015-06-24 CVE-2015-3111 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge and Photoshop CC
Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2015-06-24 CVE-2015-3110 Numeric Errors vulnerability in Adobe Bridge and Photoshop CC
Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft CWE-189
critical
10.0
2015-06-24 CVE-2015-3109 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Photoshop CC
Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2015-06-10 CVE-2015-3108 Information Exposure vulnerability in multiple products
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
network
low complexity
adobe linux google apple microsoft CWE-200
5.0
2015-06-10 CVE-2015-3107 Use After Free vulnerability in multiple products
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3106.
network
low complexity
adobe google opensuse apple microsoft linux CWE-416
critical
10.0
2015-06-10 CVE-2015-3106 Remote Code Execution vulnerability in Adobe Flash Player and AIR
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3107.
network
low complexity
adobe apple microsoft linux google
critical
10.0
2015-06-10 CVE-2015-3105 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe linux apple microsoft google CWE-119
critical
10.0
2015-06-10 CVE-2015-3104 Numeric Errors vulnerability in multiple products
Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe google apple microsoft linux CWE-189
critical
10.0
2015-06-10 CVE-2015-3103 Remote Code Execution vulnerability in Adobe Flash Player and AIR
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3106 and CVE-2015-3107.
network
low complexity
adobe apple microsoft google linux
critical
10.0