Adobe Flash Player Vulnerability (CVE-2015-7645)

  Severity: CRITICAL
  CVE Identifier: CVE-2015-7645
  Advisory Date: OCT 14, 2015

  DESCRIPTION

This is a zero-day vulnerability in Adobe Flash Player is reportedly used by the Pawn Storm targeted attack campaign. The said vulnerability exists in Adobe Flash Player versions 19.0.0.207 and earlier for Windows and Mac operating systems.

Trend Micro researcher Peter Pi discovered and reported the details of the vulnerability to Adobe. The said company credited Pi for his research contribution.

  TREND MICRO PROTECTION INFORMATION

Vulnerability Protection in Trend Micro Deep Security protects user systems from threats that may leverage this vulnerability with the following DPI rule:

  • 1007119 - Identified Malicious Adobe Flash SWF File - 2

  AFFECTED SOFTWARE AND VERSION

  • Adobe Flash Player 19.0.0.207 and earlier