Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2016-AVI-413
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Microsoft Internet Explorer. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Internet Explorer 9",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Internet Explorer 10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Internet Explorer 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-7283",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7283"
},
{
"name": "CVE-2016-7279",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7279"
},
{
"name": "CVE-2016-7879",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7879"
},
{
"name": "CVE-2016-7878",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7878"
},
{
"name": "CVE-2016-7284",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7284"
},
{
"name": "CVE-2016-7868",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7868"
},
{
"name": "CVE-2016-7867",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7867"
},
{
"name": "CVE-2016-7875",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7875"
},
{
"name": "CVE-2016-7870",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7870"
},
{
"name": "CVE-2016-7287",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7287"
},
{
"name": "CVE-2016-7874",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7874"
},
{
"name": "CVE-2016-7278",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7278"
},
{
"name": "CVE-2016-7282",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7282"
},
{
"name": "CVE-2016-7281",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7281"
},
{
"name": "CVE-2016-7872",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7872"
},
{
"name": "CVE-2016-7890",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7890"
},
{
"name": "CVE-2016-7871",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7871"
},
{
"name": "CVE-2016-7880",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7880"
},
{
"name": "CVE-2016-7877",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7877"
},
{
"name": "CVE-2016-7876",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7876"
},
{
"name": "CVE-2016-7873",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7873"
},
{
"name": "CVE-2016-7869",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7869"
},
{
"name": "CVE-2016-7202",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7202"
},
{
"name": "CVE-2016-7881",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7881"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-413",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-12-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Internet Explorer\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-154 du 13 d\u00e9cembre 2016",
"url": "https://technet.microsoft.com/fr-fr/library/security/MS16-154"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-144 du 13 d\u00e9cembre 2016",
"url": "https://technet.microsoft.com/fr-fr/library/security/MS16-144"
}
]
}
CVE-2016-7869 (GCVE-0-2016-7869)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Buffer Overflow / Underflow
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| http://www.zerodayinitiative.com/advisories/ZDI-16-624 | x_refsource_MISC |
| http://www.securityfocus.com/bid/94871 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624"
},
{
"name": "94871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94871"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow / Underflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624"
},
{
"name": "94871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94871"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7869",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow / Underflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-624",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624"
},
{
"name": "94871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94871"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7869",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7870 (GCVE-0-2016-7870)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Buffer Overflow / Underflow
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| http://www.securityfocus.com/bid/94871 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.zerodayinitiative.com/advisories/ZDI-16-623 | x_refsource_MISC |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "94871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94871"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow / Underflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "94871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94871"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow / Underflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "94871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94871"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-623",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7870",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7871 (GCVE-0-2016-7871)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/94866 | vdb-entryx_refsource_BID |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://www.zerodayinitiative.com/advisories/ZDI-16-627 | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-627",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7871",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7872 (GCVE-0-2016-7872)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Use After Free
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securityfocus.com/bid/94873 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://www.zerodayinitiative.com/advisories/ZDI-16-626 | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-626",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7872",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7873 (GCVE-0-2016-7873)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/94866 | vdb-entryx_refsource_BID |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7873",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7873",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7874 (GCVE-0-2016-7874)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/94866 | vdb-entryx_refsource_BID |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7874",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7874",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7875 (GCVE-0-2016-7875)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Integer Overflow
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.zerodayinitiative.com/advisories/ZDI-16-621 | x_refsource_MISC |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/94866 | vdb-entryx_refsource_BID |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-621",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7875",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7876 (GCVE-0-2016-7876)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/94866 | vdb-entryx_refsource_BID |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7876",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "94866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7876",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7877 (GCVE-0-2016-7877)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Use After Free
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securityfocus.com/bid/94873 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7877",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7877",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7878 (GCVE-0-2016-7878)
Vulnerability from cvelistv5 – Published: 2016-12-15 06:31 – Updated: 2024-08-06 02:13
VLAI
EPSS
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Use After Free
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-16-620 | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| https://security.gentoo.org/glsa/201701-17 | vendor-advisoryx_refsource_GENTOO |
| http://www.securityfocus.com/bid/94873 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1037442 | vdb-entryx_refsource_SECTRACK |
| http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisoryx_refsource_REDHAT |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2016-1… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Affected:
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
|
Date Public
2016-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620"
},
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
],
"datePublic": "2016-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK\u0027s MediaPlayer class. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620"
},
{
"name": "SUSE-SU-2016:3148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK\u0027s MediaPlayer class. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-620",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620"
},
{
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name": "94873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94873"
},
{
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7878",
"datePublished": "2016-12-15T06:31:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:20.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…