CVE-2016-0971

Loading...

General

Score:10.0/10.0
Severity:High
Category:Buffer Error
Exploit:Available

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985

Published on 10/02/16 - Updated on 10/09/17

Description

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2016-0971
Adobe Flash Player APSB16-04
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2016-AVI-054, CERTFR-2016-AVI-055, CERTFR-2016-AVI-056
Redhat RHSA-2016:0166

Exploits

Exploit-DBEDB-39465

Relative technologies

VendorProduct
adobeair
adobeair_sdk
adobeair_sdk_\&_compiler
adobeflash_player

Share this vulnerability with:

Twitter Facebook LinkedIn Mail