PT-2016-2389 · Adobe+3 · Flash Player+3
Published
2016-07-12
·
Updated
2023-01-26
·
CVE-2016-4247
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 18.0.0.366
Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 on Windows and OS X
Adobe Flash Player versions prior to 11.2.202.632 on Linux
Description
The issue is related to a race condition in Adobe Flash Player, which allows attackers to obtain sensitive information via unspecified vectors. This vulnerability exists due to insufficient checking of the resource state when it can be shared. Exploitation of the vulnerability may allow a remote attacker to gain confidential information.
Recommendations
For Adobe Flash Player versions prior to 18.0.0.366, update to version 18.0.0.366 or later.
For Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 on Windows and OS X, update to version 22.0.0.209 or later.
For Adobe Flash Player versions prior to 11.2.202.632 on Linux, update to version 11.2.202.632 or later.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Flash Player
Red Hat
Suse