PT-2016-1664 · Adobe+3 · Flash Player+3

Publicado

2016-04-08

Atualizado

2023-01-30

CVE-2016-1018

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.343 Adobe Flash Player versions 19.x through 21.x prior to 21.0.0.213 on Windows and OS X Adobe Flash Player versions prior to 11.2.202.616 on Linux

Description The issue is caused by a stack-based buffer overflow in Adobe Flash Player. This can be exploited by a remote attacker using specially crafted JPEG-XR data, allowing them to execute arbitrary code.

Recommendations For Adobe Flash Player versions prior to 18.0.0.343, update to version 18.0.0.343 or later. For Adobe Flash Player versions 19.x through 21.x, update to version 21.0.0.213 or later on Windows and OS X. For Adobe Flash Player versions prior to 11.2.202.616 on Linux, update to version 11.2.202.616 or later. As a temporary workaround, consider avoiding the use of JPEG-XR data in Adobe Flash Player until a patch is available.

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-119

Identificadores relacionados

ALT-PU-2016-1305

BDU:2016-00990

CVE-2016-1018

MGASA-2016-0134

OPENSUSE-SU-2016_1306-1

RHSA-2016:0610

RHSA-2016_0610

SUSE-SU-2016:1305-1

ZDI-16-228

Produtos afetados

Alt Linux

Flash Player

Red Hat

Suse

PT-2016-1664 · Adobe+3 · Flash Player+3

CVE-2016-1018

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 69