Use-After-Free Vulnerability in Adobe Flash Player for Windows and OS X
CVE-2016-4228

8.8HIGH

Key Information:

Vendor
Adobe
Status
Flash Player Desktop Runtime
Vendor
CVE Published:
13 July 2016

Summary

A use-after-free vulnerability exists in Adobe Flash Player, allowing attackers to execute arbitrary code through unspecified vectors. This affects various versions across Windows, OS X, and Linux, posing risks to users when vulnerabilities are exploited. Notably, it is distinct from several other vulnerabilities recognized in 2016.

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
https://security.gentoo.org/glsa/201607-03
vendor-advisoryx_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE

EPSS Score

29% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.