PT-2016-2369 · Adobe+3 · Flash Player+3

Francis Provencher

·

Published

2016-07-12

·

Updated

2023-01-20

·

CVE-2016-4177

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.366 Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 on Windows and OS X Adobe Flash Player versions prior to 11.2.202.632 on Linux
Description The issue is caused by a buffer overflow, allowing remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors, resulting in stack memory corruption.
Recommendations For Adobe Flash Player versions prior to 18.0.0.366, update to version 18.0.0.366 or later. For Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 on Windows and OS X, update to version 22.0.0.209 or later. For Adobe Flash Player versions prior to 11.2.202.632 on Linux, update to version 11.2.202.632 or later.

Exploit

Fix

DoS

Buffer Overflow

Memory Corruption

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALT-PU-2016-1766
BDU:2016-01760
CVE-2016-4177
MGASA-2016-0251
OPENSUSE-SU-2016_1795-1
OPENSUSE-SU-2016_1802-1
RHSA-2016:1423
RHSA-2016_1423
SUSE-SU-2016:1826-1

Affected Products

Alt Linux
Flash Player
Red Hat
Suse