← Retour aux CVEs

CVE-2016-7892

HIGHCISA KEV

8.8

Description

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

Details CVE

Score CVSS v3.18.8

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurREQUIRED

Publie12/15/2016

Derniere modification4/21/2026

Sourcekev

Observations honeypot0

CISA KEV

FournisseurAdobe

ProduitFlash Player

Nom vulnerabiliteAdobe Flash Player Use-After-Free Vulnerability

Date ajout KEV2022-03-25

Date limite remediation2022-04-15

Utilise dans ransomwareUnknown

Produits affectes

adobe:flash_playeradobe:flash_player_desktop_runtimeapple:mac_os_xgoogle:chrome_oslinux:linux_kernelmicrosoft:windowsmicrosoft:windows_10microsoft:windows_8.1

Faiblesses (CWE)

CWE-416CWE-416

References

http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html(psirt@adobe.com)

http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html(psirt@adobe.com)

http://rhn.redhat.com/errata/RHSA-2016-2947.html(psirt@adobe.com)

http://www.securityfocus.com/bid/94877(psirt@adobe.com)

http://www.securitytracker.com/id/1037442(psirt@adobe.com)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154(psirt@adobe.com)

https://helpx.adobe.com/security/products/flash-player/apsb16-39.html(psirt@adobe.com)

https://security.gentoo.org/glsa/201701-17(psirt@adobe.com)

http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html(af854a3a-2127-422b-91ae-364da2661108)

http://rhn.redhat.com/errata/RHSA-2016-2947.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/94877(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1037442(af854a3a-2127-422b-91ae-364da2661108)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154(af854a3a-2127-422b-91ae-364da2661108)

https://helpx.adobe.com/security/products/flash-player/apsb16-39.html(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/201701-17(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7892(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.