Exposure of Sensitive Information to an Unauthorized Actor
Adobe Flash Player before 22.214.171.1242 and 14.x through 18.x before 126.96.36.199 on Windows and OS X and before 188.8.131.526 on Linux, Adobe AIR before 184.108.40.206 on Windows and before 220.127.116.11 on OS X and Android, Adobe AIR SDK before 18.104.22.168 on Windows and before 22.214.171.124 on OS X, and Adobe AIR SDK & Compiler before 126.96.36.199 on Windows and before 188.8.131.52 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3102.
CWE-200 - Information Exposure
An information exposure vulnerability is categorized as an information flow (IF) weakness, which can potentially allow unauthorized access to otherwise classified information in the application, such as confidential personal information (demographics, financials, health records, etc.), business secrets, and the application's internal environment.