Use-After-Free Vulnerability in Adobe Flash Player by Adobe Systems
CVE-2016-7020

8.8HIGH

Key Information:

Vendor

Adobe
Status
Flash Player Desktop Runtime
Vendor
CVE Published:
5 October 2016

What is CVE-2016-7020?

A use-after-free vulnerability exists in Adobe Flash Player that affects multiple versions across various operating systems. This flaw enables attackers to execute arbitrary code, potentially compromising system integrity. The vulnerability emerges from improper memory management, leading to exploitation via unknown methods. It is crucial for users and organizations to immediately update their Adobe Flash Player installations to safeguard against potential attacks.

References

https://helpx.adobe.com/security/products/flash-player/ap...
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2016:1423
vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/94192
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.