← Zuruck zu CVEs

CVE-2016-7855

HIGHCISA KEV

8.8

Beschreibung

Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.

CVE Details

CVSS v3.1 Bewertung8.8

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht11/1/2016

Zuletzt geandert4/21/2026

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerAdobe

ProduktFlash Player

SchwachstellennameAdobe Flash Player Use-After-Free Vulnerability

KEV Aufnahmedatum2022-03-03

Behebungsfrist2022-03-24

Ransomware-NutzungUnknown

Betroffene Produkte

adobe:flash_playerapple:mac_os_xgoogle:chrome_oslinux:linux_kernelmicrosoft:windowsmicrosoft:windows_10microsoft:windows_8.1microsoft:windows_rt_8.1microsoft:windows_server_2012redhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_workstation

Schwachen (CWE)

CWE-416CWE-416

Referenzen

http://rhn.redhat.com/errata/RHSA-2016-2119.html(psirt@adobe.com)

http://www.securityfocus.com/bid/93861(psirt@adobe.com)

http://www.securitytracker.com/id/1037111(psirt@adobe.com)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128(psirt@adobe.com)

https://helpx.adobe.com/security/products/flash-player/apsb16-36.html(psirt@adobe.com)

https://security.gentoo.org/glsa/201610-10(psirt@adobe.com)

https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html(psirt@adobe.com)

http://rhn.redhat.com/errata/RHSA-2016-2119.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/93861(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1037111(af854a3a-2127-422b-91ae-364da2661108)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128(af854a3a-2127-422b-91ae-364da2661108)

https://helpx.adobe.com/security/products/flash-player/apsb16-36.html(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/201610-10(af854a3a-2127-422b-91ae-364da2661108)

https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7855(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.