PT-2016-1483 · Adobe+3 · Flash Player+6

Published

2016-03-10

·

Updated

2022-12-14

·

CVE-2016-1001

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.333 Adobe Flash Player versions 19.x through 21.x before 21.0.0.182 Adobe Flash Player version prior to 11.2.202.577 on Linux Adobe AIR versions prior to 21.0.0.176 Adobe AIR SDK versions prior to 21.0.0.176 Adobe AIR SDK & Compiler versions prior to 21.0.0.176
Description The issue is caused by a heap-based buffer overflow in the memory, allowing remote attackers to execute arbitrary code via unspecified vectors. This can lead to the execution of malicious code on affected systems.
Recommendations For Adobe Flash Player versions prior to 18.0.0.333, update to version 18.0.0.333 or later. For Adobe Flash Player versions 19.x through 21.x, update to version 21.0.0.182 or later. For Adobe Flash Player on Linux, update to version 11.2.202.577 or later. For Adobe AIR, update to version 21.0.0.176 or later. For Adobe AIR SDK, update to version 21.0.0.176 or later. For Adobe AIR SDK & Compiler, update to version 21.0.0.176 or later.

Exploit

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALT-PU-2016-1216
BDU:2016-00784
CVE-2016-1001
MGASA-2016-0109
OPENSUSE-SU-2016_0719-1
OPENSUSE-SU-2016_0734-1
RHSA-2016:0438
RHSA-2016_0438
SUSE-SU-2016:0715-1
SUSE-SU-2016:0716-1

Affected Products

Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse