CVE-2016-1019
CVE-2016-1019
In short
Adobe Flash Player versions up to 21.0.0.197 contain a flaw that attackers can exploit remotely to crash the application or run malicious code on a victim's computer. This vulnerability was actively being exploited by hackers in April 2016.
Technical detail
A remotely exploitable vulnerability in Adobe Flash Player ≤21.0.0.197 allows attackers to trigger denial of service (application crash) or arbitrary code execution through unspecified attack vectors. The vulnerability was confirmed as actively exploited in the wild in April 2016, indicating no user interaction requirement for successful exploitation.
Summary generated and translated by AI from the official description.
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blogs.adobe.com/psirt/?p=1330http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0610.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050https://github.com/cisagov/vulnrichment/issues/196https://helpx.adobe.com/security/products/flash-player/apsa16-01.htmlhttps://helpx.adobe.com/security/products/flash-player/apsb16-10.html