vulnerability
Ubuntu: (CVE-2016-1005): flashplugin-nonfree vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Mar 12, 2016 | Nov 19, 2024 | Mar 27, 2026 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Mar 12, 2016
Added
Nov 19, 2024
Modified
Mar 27, 2026
Description
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
Solutions
ubuntu-upgrade-adobe-flashpluginubuntu-upgrade-flashplugin-nonfree
References
- CVE-2016-1005
- https://attackerkb.com/topics/CVE-2016-1005
- CWE-824
- EUVD-EUVD-2016-2109
- http://www.zerodayinitiative.com/advisories/ZDI-16-192/
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-2109
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://www.cve.org/CVERecord?id=CVE-2016-1005
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.