vulnerability

SUSE: CVE-2016-0973: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Feb 10, 2016	Feb 10, 2016	Jan 26, 2018

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Feb 10, 2016

Added

Feb 10, 2016

Modified

Jan 26, 2018

Description

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.

Solution(s)

suse-upgrade-flash-playersuse-upgrade-flash-player-gnomesuse-upgrade-flash-player-kde4

References

SUSE-SUSE-SU-2016:0398
SUSE-SUSE-SU-2016:0398-1
SUSE-SUSE-SU-2016:0400
SUSE-SUSE-SU-2016:0400-1
REDHAT-RHSA-2016:0166
SECTRACK-1034970
GENTOO-GLSA-201603-07
NVD-CVE-2016-0973

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today