Adobe Flash Player prior 11.2.202.637/18.0.0.382/23.0.0.185 use after free

A vulnerability has been found in Adobe Flash Player (Multimedia Player Software) and classified as very critical. Affected by this vulnerability is some unknown functionality. Upgrading to version 11.2.202.637, 18.0.0.382 or 23.0.0.185 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field10/13/2016 09:46 AM05/08/2019 08:54 PM09/23/2022 10:30 AM
cvss3_nvd_sUUU
cvss3_nvd_cHHH
cvss3_nvd_iHHH
cvss3_nvd_aHHH
date1476144000 (10/11/2016)1476144000 (10/11/2016)1476144000 (10/11/2016)
locationWebsiteWebsiteWebsite
typeSecurity BulletinSecurity BulletinSecurity Bulletin
urlhttps://helpx.adobe.com/security/products/flash-player/apsb16-32.htmlhttps://helpx.adobe.com/security/products/flash-player/apsb16-32.htmlhttps://helpx.adobe.com/security/products/flash-player/apsb16-32.html
identifierAPSB16-32APSB16-32APSB16-32
disputed000
price_0day$25k-$100k$25k-$100k$25k-$100k
price_trend---
nameUpgradeUpgradeUpgrade
date1476144000 (10/11/2016)1476144000 (10/11/2016)1476144000 (10/11/2016)
upgrade_version11.2.202.637/18.0.0.382/23.0.0.18511.2.202.637/18.0.0.382/23.0.0.18511.2.202.637/18.0.0.382/23.0.0.185
cveCVE-2016-6987CVE-2016-6987CVE-2016-6987
cve_nvd_published147631680014763168001476316800
securityfocus934929349293492
securityfocus_titleAdobe Flash Player APSB16-32 Multiple Use After Free Remote Code Execution VulnerabilitiesAdobe Flash Player APSB16-32 Multiple Use After Free Remote Code Execution VulnerabilitiesAdobe Flash Player APSB16-32 Multiple Use After Free Remote Code Execution Vulnerabilities
sectracker103698510369851036985
sectracker_date1476144000 (10/11/2016)1476144000 (10/11/2016)1476144000 (10/11/2016)
sectracker_causeAccess control errorAccess control errorAccess control error
nessus_id940429404294042
nessus_nameSUSE SLED12 Security Update : flash-playerqemu (SUSE-SU-2016:2512-1)SUSE SLED12 Security Update : flash-playerqemu (SUSE-SU-2016:2512-1)SUSE SLED12 Security Update : flash-playerqemu (SUSE-SU-2016:2512-1)
nessus_filenamesuse_SU-2016-2512-1.naslsuse_SU-2016-2512-1.naslsuse_SU-2016-2512-1.nasl
nessus_riskCriticalCriticalCritical
nessus_familySuSE Local Security ChecksSuSE Local Security ChecksSuSE Local Security Checks
nessus_typelocallocallocal
nessus_date1476316800 (10/13/2016)1476316800 (10/13/2016)1476316800 (10/13/2016)
openvas_id863837863837863837
openvas_filenamegb_adobe_flash_player_apsb16-32_macosx.naslgb_adobe_flash_player_apsb16-32_macosx.naslgb_adobe_flash_player_apsb16-32_macosx.nasl
openvas_titleAdobe Flash Player Security Updates( apsb16-32 )-MAC OS XAdobe Flash Player Security Updates( apsb16-32 )-MAC OS XAdobe Flash Player Security Updates( apsb16-32 )-MAC OS X
openvas_familyGeneralGeneralGeneral
qualys_id370155370155370155
qualys_titleAdobe Flash Player Remote Code Execution Vulnerability (APSB16-32)Adobe Flash Player Remote Code Execution Vulnerability (APSB16-32)Adobe Flash Player Remote Code Execution Vulnerability (APSB16-32)
seealso92603 92604 92606 92607 92608 92609 92610 92611 92612 92613 9261492603 92604 92606 92607 92608 92609 92610 92611 92612 92613 9261492603 92604 92606 92607 92608 92609 92610 92611 92612 92613 92614
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcCCC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
cvss3_nvd_basescore9.89.89.8
typeMultimedia Player SoftwareMultimedia Player SoftwareMultimedia Player Software
vendorAdobeAdobeAdobe
nameFlash PlayerFlash PlayerFlash Player
cwe416 (use after free)416 (use after free)416 (use after free)
risk222
historic000
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore5.95.95.9
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciCCC
cvss2_nvd_iiCCC
cvss2_nvd_aiCCC
cvss3_meta_basescore9.89.89.8
cvss3_meta_tempscore9.49.49.6
cvss3_vuldb_basescore9.89.89.8
cvss3_vuldb_tempscore9.49.49.4
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
person_nicknamebo13oybo13oy
company_nameZero Day InitiativeZero Day Initiative
confirm_urlhttps://helpx.adobe.com/security/products/flash-player/apsb16-32.htmlhttps://helpx.adobe.com/security/products/flash-player/apsb16-32.html
cve_assigned1471910400 (08/23/2016)1471910400 (08/23/2016)
securityfocus_date1476144000 (10/11/2016)1476144000 (10/11/2016)
securityfocus_classUnknownUnknown
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cve_nvd_summaryUse-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981.
cvss2_nvd_basescore10.0

Do you want to use VulDB in your project?

Use the official API to access entries easily!