Show vulnerabilities with patch / with exploit

Security Update for Adobe Flash Player (3209498)



Published: 2016-12-13
Severity Critical
Patch available YES
Number of vulnerabilities 17
CVE ID CVE-2016-7867
CVE-2016-7868
CVE-2016-7869
CVE-2016-7870
CVE-2016-7871
CVE-2016-7872
CVE-2016-7873
CVE-2016-7874
CVE-2016-7875
CVE-2016-7876
CVE-2016-7877
CVE-2016-7878
CVE-2016-7879
CVE-2016-7880
CVE-2016-7881
CVE-2016-7890
CVE-2016-7892
CWE ID CWE-119
CWE-416
CWE-20
Exploitation vector Network
Public exploit Vulnerability #17 is being exploited in the wild.
Vulnerable software
Subscribe
Adobe Flash Player
Client/Desktop applications / Plugins for browsers, ActiveX components

Adobe Flash Player for Linux
Client/Desktop applications / Multimedia software

Vendor Adobe

Security Advisory

1) Buffer overflow

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7867

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7868

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7869

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7870

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7871

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free error

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7872

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7873

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7874

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7875

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7876

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free error

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7877

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free error

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7878

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free error

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7879

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free error

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7880

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free error

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7881

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Security restrictions bypass

Severity: Medium

CVSSv3: 5.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7890

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to unknown error processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it and bypass implemented security mechanisms.

Successful exploitation of the vulnerability results in unauthorized access to restricted information.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free error

Severity: Critical

CVSSv3: 9.2 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-7892

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes [Search exploit]

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted SWF file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited in the wild.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Adobe Flash Player: 21.0.0.197, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.192, 22.0.0.211, 22.0.0.211, 23.0.0.162, 23.0.0.185, 23.0.0.205, 23.0.0.207

Adobe Flash Player for Linux: 11.2.202.621, 11.2.202.626, 11.2.202.632, 11.2.202.635, 11.2.202.637, 11.2.202.643, 11.2.202.644

CPE External links

httpMS16-154

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.