← Voltar para CVEs

CVE-2016-7855

HIGHCISA KEV

8.8

Descricao

Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.

Detalhes CVE

Pontuacao CVSS v3.18.8

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioREQUIRED

Publicado11/1/2016

Ultima modificacao4/21/2026

Fontekev

Avistamentos honeypot0

CISA KEV

FornecedorAdobe

ProdutoFlash Player

Nome da vulnerabilidadeAdobe Flash Player Use-After-Free Vulnerability

Data inclusao KEV2022-03-03

Prazo de remediacao2022-03-24

Uso em ransomwareUnknown

Produtos afetados

adobe:flash_playerapple:mac_os_xgoogle:chrome_oslinux:linux_kernelmicrosoft:windowsmicrosoft:windows_10microsoft:windows_8.1microsoft:windows_rt_8.1microsoft:windows_server_2012redhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_workstation

Fraquezas (CWE)

CWE-416CWE-416

Referencias

http://rhn.redhat.com/errata/RHSA-2016-2119.html(psirt@adobe.com)

http://www.securityfocus.com/bid/93861(psirt@adobe.com)

http://www.securitytracker.com/id/1037111(psirt@adobe.com)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128(psirt@adobe.com)

https://helpx.adobe.com/security/products/flash-player/apsb16-36.html(psirt@adobe.com)

https://security.gentoo.org/glsa/201610-10(psirt@adobe.com)

https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html(psirt@adobe.com)

http://rhn.redhat.com/errata/RHSA-2016-2119.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/93861(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1037111(af854a3a-2127-422b-91ae-364da2661108)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128(af854a3a-2127-422b-91ae-364da2661108)

https://helpx.adobe.com/security/products/flash-player/apsb16-36.html(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/201610-10(af854a3a-2127-422b-91ae-364da2661108)

https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7855(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.