nessus | Tenable | 9276.PRM
May 20, 2016 - 12:00 a.m.

Flash Player < 11.2.202.616 / 18.0.0.343 / 21.0.0.213 Multiple Vulnerabilities (APSB16-10)

2016-05-20 00:00:00
Tenable
www.tenable.com

Versions of Adobe Flash Player prior to 11.2.202.616, 18.0.0.343, or 21.0.0.213 are outdated and thus unpatched for the following vulnerabilities:

  • A JIT Spraying Attack vulnerability exists that may allow a context-dependent attacker to disable the Address Space Layout Randomization (ASLR) feature, potentially allowing them to more easily conduct more severe attacks. (CVE-2016-1006)
  • A use-after-free error exists, which may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1011)
  • An unspecified flaw exists that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1012)
  • An unspecified use-after-free error exists, which may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1013)
  • An unspecified flaw exists in the handling of directory search paths that may allow a context-dependent attacker to gain unauthorized access to potentially sensitive resources. (CVE-2016-1014)
  • A type confusion flaw exists that is triggered when handling AS2 NetConnection objects. This may allow a context-dependent attacker to execute arbitrary code. (CVE-2016-1015)
  • A use-after-free error exists that is triggered when setting a special callback on the ‘flash.geom.Matrix’ object. This may allow a context-dependent attacker to dereference already freed memory and execute arbitrary code. (CVE-2016-1016)
  • A use-after-free error exists that is triggered during ‘LoadVars.decode’ handling. This may allow a context-dependent attacker to dereference already freed memory and execute arbitrary code. (CVE-2016-1017)
  • An overflow condition exists that is triggered when handling JPEG-XR compressed image content. The issue lies in the failure to properly check that an index is within the bounds of a buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. (CVE-2016-1018)
  • A type confusion flaw exists in the ASnative API that may allow a context-dependent attacker to potentially execute arbitrary code. Adobe states that this issue is being actively exploited against systems running Windows. Current exploits only target version 20.0.0.306 and earlier due to a mitigation implemented in version 21.0.0.182 and later. (CVE-2016-1019)
  • A number of unspecified flaws exist that are triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, CVE-2016-1033)
  • An unspecified flaw exists that may allow a context-dependent attacker to bypass security features. No further details have been provided by the vendor. (CVE-2016-1030)
  • A use-after-free error exists, which may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. No further details have been provided by the vendor. (CVE-2016-1031)
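
The version condition at the top of this advisory names three fixed builds, so comparing against only the highest one would wrongly flag a patched 18.0.0.343 install. The sketch below is an added example, not Tenable's plugin logic. It assumes that each fixed build belongs to its own release branch and that an installed build is judged against the lowest fixed build whose major.minor is at or above its own; the inventory strings are constructed.

```python
import re

# Fixed builds taken from the advisory text, sorted ascending.
FIXED = sorted(tuple(int(p) for p in v.split("."))
               for v in ("11.2.202.616", "18.0.0.343", "21.0.0.213"))


def parse_version(text):
    """Extract a four-part version; accepts '21.0.0.182' or '21,0,0,182'."""
    m = re.search(r"(\d+)[.,](\d+)[.,](\d+)[.,](\d+)", text)
    if not m:
        raise ValueError(f"no four-part version in {text!r}")
    return tuple(int(p) for p in m.groups())


def fixed_for(version):
    """Return the fixed build that governs this version, or None.

    Assumption (not stated on the page): a build is compared with the
    lowest fixed build whose major.minor branch is at or above its own.
    None means the build is newer than every branch in the advisory.
    """
    for fix in FIXED:
        if fix[:2] >= version[:2]:
            return fix
    return None


def is_vulnerable(text):
    """True when the reported build predates the fix for its branch."""
    version = parse_version(text)
    fix = fixed_for(version)
    return fix is not None and version < fix


if __name__ == "__main__":
    # Constructed inventory: (host label, version string as reported).
    inventory = [
        ("host-a", "20.0.0.306"),
        ("host-b", "WIN 21,0,0,182"),
        ("host-c", "18.0.0.343"),
        ("host-d", "11.2.202.616"),
        ("host-e", "21.0.0.213"),
    ]
    for host, reported in inventory:
        state = "VULNERABLE" if is_vulnerable(reported) else "patched"
        print(f"{host}: {reported} -> {state}")
```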

Vendor: adobe
Product: flash_player
Version:
