PT-2016-2370 · Adobe+3 · Flash Player+3

Francis Provencher

Published

2016-07-12

Updated

2023-01-20

CVE-2016-4176

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 18.0.0.366 Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 on Windows and OS X Adobe Flash Player versions prior to 11.2.202.632 on Linux

Description The issue is caused by a buffer overflow, allowing remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors, resulting in stack memory corruption.

Recommendations For Adobe Flash Player versions prior to 18.0.0.366, update to version 18.0.0.366 or later. For Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 on Windows and OS X, update to version 22.0.0.209 or later. For Adobe Flash Player versions prior to 11.2.202.632 on Linux, update to version 11.2.202.632 or later.

Exploit

Fix

DoS

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALT-PU-2016-1766

BDU:2016-01761

CVE-2016-4176

MGASA-2016-0251

OPENSUSE-SU-2016_1795-1

OPENSUSE-SU-2016_1802-1

RHSA-2016:1423

RHSA-2016_1423

SUSE-SU-2016:1826-1

Affected Products

Alt Linux

Flash Player

Red Hat

Suse

PT-2016-2370 · Adobe+3 · Flash Player+3

CVE-2016-4176

Weakness Enumeration

Related Identifiers

Affected Products

References · 74