Arbitrary code execution in Adobe Flash Player & AIR

Описание

Multiple serious vulnerabilities have been found in Adobe Flash Player & AIR. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities

1. Type confusion vulnerability can be exploited remotely to execute arbitrary code;
2. Use-after-free vulnerabilities could be exploited remotely to execute arbitrary code;
3. Heap buffer overflow vulnerability can be exploited remotely to execute arbitrary code;
4. Memory corruption vulnerabilities could be exploited remotely to cause denial of service or execute arbitrary code.

Первичный источник обнаружения

• Adobe security bulletin
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Adobe-Flash-Player-ActiveX
• Adobe-AIR
• Adobe-Flash-Player-NPAPI
• Adobe-Flash-Player-PPAPI

Список CVE

• CVE-2016-0985
  critical
• CVE-2016-0983
  critical
• CVE-2016-0984
  critical
• CVE-2016-0981
  critical
• CVE-2016-0982
  critical
• CVE-2016-0964
  critical
• CVE-2016-0965
  critical
• CVE-2016-0966
  critical
• CVE-2016-0967
  critical
• CVE-2016-0968
  critical
• CVE-2016-0969
  critical
• CVE-2016-0970
  critical
• CVE-2016-0972
  critical
• CVE-2016-0971
  critical
• CVE-2016-0976
  critical
• CVE-2016-0975
  critical
• CVE-2016-0974
  critical
• CVE-2016-0973
  critical
• CVE-2016-0980
  critical
• CVE-2016-0979
  critical
• CVE-2016-0978
  critical
• CVE-2016-0977
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com