Tenable9354.PRMFlash Player < 11.2.202.621 / 18.0.0.352 / 21.0.0.242 Multiple Vulnerabilities (APSB16-15)
Versions of Adobe Flash Player prior to 11.2.202.621, 18.0.0.352, or 21.0.0.242 are outdated and thus unpatched for the following vulnerabilities :
- Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2016-1105, CVE-2016-4117)
- Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110, CVE-2016-4121)
- A heap buffer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2016-1101)
- An unspecified buffer overflow exists that allows an attacker to execute arbitrary code. (CVE-2016-1103)
- Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, CVE-2016-4163)
- A flaw exists when loading dynamic-link libraries. An attacker can exploit this, via a specially crafted ‘.dll’ file, to execute arbitrary code. (CVE-2016-4116)
Binary data 9354.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | flash_player | cpe:/a:adobe:flash_player |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1097
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1098
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4120
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4160
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4161
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4162
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4163
www.nessus.org/u?0cb17c10
helpx.adobe.com/security/products/flash-player/apsa16-15.html
Related
