CVE-2016-0973

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Integrated Runtime and Flash Player (affected versions not specified)

Description The issue is related to the implementation of the URLRequest object in Adobe Integrated Runtime and Flash Player, which involves the use of memory after it has been freed. This can be exploited by a remote attacker to execute arbitrary code by calling the URLLoader.load function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2016-1088

BDU:2016-00467

CVE-2016-0973

MGASA-2016-0062

OPENSUSE-SU-2016_0412-1

OPENSUSE-SU-2016_0415-1

RHSA-2016:0166

RHSA-2016_0166

SUSE-SU-2016:0398-1

SUSE-SU-2016:0400-1

ZDI-16-161

Affected Products

Alt Linux

Integrated Runtime

Flash Player

Red Hat

Suse

CVE-2016-0973

Weakness Enumeration

Related Identifiers

Affected Products

References · 48