PT-2016-2425 · Adobe+3 · Flash Player+3

Publicado

2016-07-12

Atualizado

2023-01-20

CVE-2016-4178

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.366 Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 Adobe Flash Player version before 11.2.202.632 on Linux

Description The issue is related to the lack of protection for internal data in the Flash Player platform. It allows a remote attacker to bypass existing access restrictions or obtain confidential information. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For Adobe Flash Player versions prior to 18.0.0.366, update to version 18.0.0.366 or later. For Adobe Flash Player versions 19.x through 22.x before 22.0.0.209, update to version 22.0.0.209 or later. For Adobe Flash Player version before 11.2.202.632 on Linux, update to version 11.2.202.632 or later.

Correção

Incorrect Authorization

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863CWE-200

Identificadores relacionados

ALT-PU-2016-1766

BDU:2016-01815

CVE-2016-4178

MGASA-2016-0251

OPENSUSE-SU-2016_1795-1

OPENSUSE-SU-2016_1802-1

RHSA-2016:1423

RHSA-2016_1423

SUSE-SU-2016:1826-1

Produtos afetados

Alt Linux

Flash Player

Red Hat

Suse

PT-2016-2425 · Adobe+3 · Flash Player+3

CVE-2016-4178

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 72