#VU1280 Memory corruption in Animate - CVE-2016-7866 

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU1280

#VU1280 Memory corruption in Animate - CVE-2016-7866

Published: December 13, 2016 / Updated: September 14, 2018


Vulnerability identifier: #VU1280
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2016-7866
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: Public exploit is available
Vulnerable software:
Animate
Software vendor:
Adobe

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error. A remote attacker can execute arbitrary code on the target system via unknown attack vectors.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Remediation

The vulnerability is fixed in version 16.0.0.112 for Windows and Macintosh:
https://creative.adobe.com/products/download/animate

External links