Use-After-Free Vulnerability in Adobe Flash Player by Adobe
CVE-2016-4174

8.8HIGH

Key Information:

Vendor
Adobe
Status
Flash Player Desktop Runtime
Vendor
CVE Published:
13 July 2016

Summary

This vulnerability is associated with Adobe Flash Player and allows attackers to execute arbitrary code through a use-after-free condition. The flaw affects multiple versions of the software on Windows, macOS, and Linux, providing an avenue for attackers to exploit unspecified vectors, leading to potential unauthorized system access. Users are advised to update their Adobe Flash Player to the latest versions to mitigate risks associated with this vulnerability.

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
http://www.securityfocus.com/bid/91719
vdb-entryx_refsource_BID

EPSS Score

20% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.