Vulnerability CVE-2016-1010


Published: 2016-03-12

Description:
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.

Vendor: Adobe
Product: Flash player 
Version:
20.0.0.306
20.0.0.286
20.0.0.235
20.0.0.228
19.0.0.245
19.0.0.226
19.0.0.207
19.0.0.185
11.2.202.569
Product: Air sdk 
Version: 20.0.0.260;
Product: AIR 
Version: 20.0.0.260; 20.0.0.233;
Product: Air sdk \& compiler 
Version: 20.0.0.260;
Product: Flash player esr 
Version: 18.0.0.329;

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html
http://www.securityfocus.com/bid/84308
http://www.securitytracker.com/id/1035251
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
https://security.gentoo.org/glsa/201603-07

Related CVE
CVE-2018-19723
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Note: A different vulnera...
CVE-2018-19721
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Note: A different vulnera...
CVE-2018-19728
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19727
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2018-19726
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2018-19724
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2018-19722
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-19720
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...

Copyright 2019, cxsecurity.com

 

Back to Top