PT-2016-1481 · Adobe+3 · Flash Player Esr+5

Abdulaziz Hariri · Published 2016-03-10 · Updated 2022-12-14 · CVE-2016-1005

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Adobe Flash Player (affected versions not specified)
Adobe Flash Player ESR (affected versions not specified)
Adobe Integrated Runtime (affected versions not specified)

Description

The issue is caused by a buffer overflow. It may allow a remote attacker to execute arbitrary code or cause a denial of service (uninitialized pointer dereference, memory corruption) using specially crafted MPEG-4 data.

Recommendations

For Adobe Flash Player, consider disabling the use of MPEG-4 data until a patch is available. For Adobe Flash Player ESR, restrict access to specially crafted MPEG-4 files to minimize the risk of exploitation. For Adobe Integrated Runtime, avoid using potentially vulnerable components that handle MPEG-4 data until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Buffer Overflow

Access of Uninitialized Pointer

Weakness Enumeration

Related Identifiers

ALT-PU-2016-1216
BDU:2016-00782
CVE-2016-1005
MGASA-2016-0109
OPENSUSE-SU-2016_0719-1
OPENSUSE-SU-2016_0734-1
RHSA-2016:0438
RHSA-2016_0438
SUSE-SU-2016:0715-1
SUSE-SU-2016:0716-1
ZDI-16-192

Affected Products

Alt Linux
Flash Player
Flash Player Esr
Integrated Runtime
Red Hat
Suse