← Retour aux CVEs

CVE-2016-7855

HIGHCISA KEV

8.8

Description

Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.

Details CVE

Score CVSS v3.18.8

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurREQUIRED

Publie11/1/2016

Derniere modification4/21/2026

Sourcekev

Observations honeypot0

CISA KEV

FournisseurAdobe

ProduitFlash Player

Nom vulnerabiliteAdobe Flash Player Use-After-Free Vulnerability

Date ajout KEV2022-03-03

Date limite remediation2022-03-24

Utilise dans ransomwareUnknown

Produits affectes

adobe:flash_playerapple:mac_os_xgoogle:chrome_oslinux:linux_kernelmicrosoft:windowsmicrosoft:windows_10microsoft:windows_8.1microsoft:windows_rt_8.1microsoft:windows_server_2012redhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_workstation

Faiblesses (CWE)

CWE-416CWE-416

References

http://rhn.redhat.com/errata/RHSA-2016-2119.html(psirt@adobe.com)

http://www.securityfocus.com/bid/93861(psirt@adobe.com)

http://www.securitytracker.com/id/1037111(psirt@adobe.com)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128(psirt@adobe.com)

https://helpx.adobe.com/security/products/flash-player/apsb16-36.html(psirt@adobe.com)

https://security.gentoo.org/glsa/201610-10(psirt@adobe.com)

https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html(psirt@adobe.com)

http://rhn.redhat.com/errata/RHSA-2016-2119.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/93861(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1037111(af854a3a-2127-422b-91ae-364da2661108)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128(af854a3a-2127-422b-91ae-364da2661108)

https://helpx.adobe.com/security/products/flash-player/apsb16-36.html(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/201610-10(af854a3a-2127-422b-91ae-364da2661108)

https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7855(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.