CVE-2016-1001

Sažetak

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.

Reference

https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
http://www.securitytracker.com/id/1035251
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html
https://security.gentoo.org/glsa/201603-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html
https://www.exploit-db.com/exploits/39609/

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

14-12-2022 - 19:40

Objavljeno

12-03-2016 - 15:59