CVE-2016-1010
CVE-2016-1010
In short
Adobe Flash Player and AIR had a math error that could allow attackers to run malicious code on your computer. This affected older versions of Flash on Windows, Mac, and Linux.
Technical detail
Integer overflow vulnerability in Adobe Flash Player, AIR, and related SDKs allows remote code execution through unspecified attack vectors. The flaw occurs in numeric calculations, enabling attackers to bypass security checks and execute arbitrary code with user interaction or in vulnerable contexts.
Summary generated and translated by AI from the official description.
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.htmlhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.htmlhttps://security.gentoo.org/glsa/201603-07https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-1010http://www.securityfocus.com/bid/84308http://www.securitytracker.com/id/1035251