PT-2016-7403 · Adobe+3 · Flash Player+3

Kiritou Kureha

Publicado

2016-11-08

Atualizado

2019-05-16

CVE-2016-7858

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 23.0.0.205 and earlier Adobe Flash Player versions 11.2.202.643 and earlier

Description The issue is related to an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

Recommendations For Adobe Flash Player versions 23.0.0.205 and earlier, update to a version later than 23.0.0.205 to resolve the issue. For Adobe Flash Player versions 11.2.202.643 and earlier, update to a version later than 11.2.202.643 to resolve the issue. As a temporary workaround, consider disabling the ExternalInterface addCallback function until a patch is available.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2016-2264

ALT-PU-2016-2266

CVE-2016-7858

MGASA-2016-0370

OPENSUSE-SU-2016_2774-1

OPENSUSE-SU-2016_2782-1

RHSA-2016:2676

RHSA-2016_2676

SUSE-SU-2016:2778-1

ZDI-16-595

Produtos afetados

Alt Linux

Flash Player

Red Hat

Suse

PT-2016-7403 · Adobe+3 · Flash Player+3

CVE-2016-7858

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 28