Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code by leveraging an unspecified type confusion.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Flash_player | Adobe | * | 18.0.0.268 (including) |
| Flash_player | Adobe | 19.0.0.185 (including) | 19.0.0.185 (including) |
| Flash_player | Adobe | 19.0.0.207 (including) | 19.0.0.207 (including) |
| Flash_player | Adobe | 19.0.0.226 (including) | 19.0.0.226 (including) |
| Flash_player | Adobe | 19.0.0.245 (including) | 19.0.0.245 (including) |
| Flash_player | Adobe | 20.0.0.228 (including) | 20.0.0.228 (including) |
| Flash_player | Adobe | 20.0.0.235 (including) | 20.0.0.235 (including) |
| Red Hat Enterprise Linux 5 Supplementary | RedHat | flash-plugin-0:11.2.202.559-1.el5 | * |
| Red Hat Enterprise Linux 6 Supplementary | RedHat | flash-plugin-0:11.2.202.559-1.el6_7 | * |
| Flashplugin-nonfree | Ubuntu | devel | * |
| Flashplugin-nonfree | Ubuntu | precise | * |
| Flashplugin-nonfree | Ubuntu | trusty | * |
| Flashplugin-nonfree | Ubuntu | upstream | * |
| Flashplugin-nonfree | Ubuntu | vivid | * |
| Flashplugin-nonfree | Ubuntu | wily | * |