CVE-2016-1014

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.343 Adobe Flash Player versions 19.x through 21.x prior to 21.0.0.213 on Windows and OS X Adobe Flash Player versions prior to 11.2.202.616 on Linux

Description The issue is related to an untrusted search path vulnerability in Adobe Flash Player. This vulnerability allows local users to gain privileges via a Trojan horse resource in an unspecified directory. The exploitation of this vulnerability can enable a local attacker to elevate their privileges.

Recommendations For versions prior to 18.0.0.343, update to version 18.0.0.343 or later. For versions 19.x through 21.x, update to version 21.0.0.213 or later on Windows and OS X. For versions prior to 11.2.202.616 on Linux, update to version 11.2.202.616 or later. As a temporary workaround, consider restricting access to the vulnerable Adobe Flash Player component until a patch is available.