KLA10898
Code execution vulnerabilities in Adobe Flash Player
Updated: 01/24/2020
Detect date
?
11/08/2016
Severity
?
Critical
Description

Multiple type confusion and use-after-free vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely.


Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Affected products

Adobe Flash Player versions earlier than 23.0.0.207
Adobe Flash Player for Linux versions earlier than 11.2.202.644

Solution

Update to the latest version. If you have Flash Player ESR migrate to the current Flash Player release.
Adobe Flash Player download page

Original advisories

Adobe advisory
Adobe Flash Player ESR end of support announcement

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]
Related products
Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Adobe Flash Player PPAPI
CVE-IDS
?
CVE-2016-786510.0Critical
CVE-2016-786410.0Critical
CVE-2016-786310.0Critical
CVE-2016-786210.0Critical
CVE-2016-786110.0Critical
CVE-2016-786010.0Critical
CVE-2016-785910.0Critical
CVE-2016-785810.0Critical
CVE-2016-785710.0Critical