← Zuruck zu CVEs

CVE-2016-7892

HIGHCISA KEV

8.8

Beschreibung

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

CVE Details

CVSS v3.1 Bewertung8.8

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht12/15/2016

Zuletzt geandert4/21/2026

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerAdobe

ProduktFlash Player

SchwachstellennameAdobe Flash Player Use-After-Free Vulnerability

KEV Aufnahmedatum2022-03-25

Behebungsfrist2022-04-15

Ransomware-NutzungUnknown

Betroffene Produkte

adobe:flash_playeradobe:flash_player_desktop_runtimeapple:mac_os_xgoogle:chrome_oslinux:linux_kernelmicrosoft:windowsmicrosoft:windows_10microsoft:windows_8.1

Schwachen (CWE)

CWE-416CWE-416

Referenzen

http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html(psirt@adobe.com)

http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html(psirt@adobe.com)

http://rhn.redhat.com/errata/RHSA-2016-2947.html(psirt@adobe.com)

http://www.securityfocus.com/bid/94877(psirt@adobe.com)

http://www.securitytracker.com/id/1037442(psirt@adobe.com)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154(psirt@adobe.com)

https://helpx.adobe.com/security/products/flash-player/apsb16-39.html(psirt@adobe.com)

https://security.gentoo.org/glsa/201701-17(psirt@adobe.com)

http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html(af854a3a-2127-422b-91ae-364da2661108)

http://rhn.redhat.com/errata/RHSA-2016-2947.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/94877(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1037442(af854a3a-2127-422b-91ae-364da2661108)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154(af854a3a-2127-422b-91ae-364da2661108)

https://helpx.adobe.com/security/products/flash-player/apsb16-39.html(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/201701-17(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7892(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.