SB2016041202 - Microsoft Security Update for Adobe Flash Player

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016041202

SB2016041202 - Microsoft Security Update for Adobe Flash Player

Published: April 12, 2016 Updated: February 14, 2017

Security Bulletin ID SB2016041202
Severity
High
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 10% High 80% Low 10%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Security bypass (CVE-ID: CVE-2016-1006)

The vulnerabiity allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to failure to use Address Space Layout Randomization (ASLR). A remote attacker can create a specially crafted Web site, trick the victim into visiting it, conduct a JIT spraying attack and bypass memory layout randomization mitigations.

Successful exploitation of this vulnerability results in security bypass on the vulnerable system.

2) “Use-after-free” error (CVE-ID: CVE-2016-1011)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

3) Memory corruption (CVE-ID: CVE-2016-1012)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

4) “Use-after-free” error (CVE-ID: CVE-2016-1013)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

5) Untrusted Search Path (CVE-ID: CVE-2016-1014)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an error in the directory search path used to find resources when handling .swf files. A remote attacker can create a specially crafted .swf file, place it with malicious .dll on remote SMB or WebDav share, trick the victim into opening Flash file it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

6) Type confusion (CVE-ID: CVE-2016-1015)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confussion error within the NetConnection objects. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

7) “Use-after-free” error (CVE-ID: CVE-2016-1016)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

8) “Use-after-free” error (CVE-ID: CVE-2016-1017)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

9) Stack-based buffer overflow (CVE-ID: CVE-2016-1018)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to stack-based buffer overflow when handling JPEG-XR files. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

10) Type confusion (CVE-ID: CVE-2016-1019)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion error when handling .swf files. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution.

Note: the vulnerability was being actively exploited.

Remediation

Install update from vendor's website.

References