PT-2016-1483 · Adobe+3 · Flash Player+6

Publicado

2016-03-10

·

Atualizado

2022-12-14

·

CVE-2016-1001

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.333 Adobe Flash Player versions 19.x through 21.x before 21.0.0.182 Adobe Flash Player version prior to 11.2.202.577 on Linux Adobe AIR versions prior to 21.0.0.176 Adobe AIR SDK versions prior to 21.0.0.176 Adobe AIR SDK & Compiler versions prior to 21.0.0.176
Description The issue is caused by a heap-based buffer overflow in the memory, allowing remote attackers to execute arbitrary code via unspecified vectors. This can lead to the execution of malicious code on affected systems.
Recommendations For Adobe Flash Player versions prior to 18.0.0.333, update to version 18.0.0.333 or later. For Adobe Flash Player versions 19.x through 21.x, update to version 21.0.0.182 or later. For Adobe Flash Player on Linux, update to version 11.2.202.577 or later. For Adobe AIR, update to version 21.0.0.176 or later. For Adobe AIR SDK, update to version 21.0.0.176 or later. For Adobe AIR SDK & Compiler, update to version 21.0.0.176 or later.

Exploit

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-119

Identificadores relacionados

ALT-PU-2016-1216
BDU:2016-00784
CVE-2016-1001
MGASA-2016-0109
OPENSUSE-SU-2016_0719-1
OPENSUSE-SU-2016_0734-1
RHSA-2016:0438
RHSA-2016_0438
SUSE-SU-2016:0715-1
SUSE-SU-2016:0716-1

Produtos afetados

Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse