openSUSE-SU-2016:1802

SUSE-SU-2016:1826

91720

1036280

RHSA-2016:1423

MS16-093

https://helpx.adobe.com/security/products/flash-player/apsb16-25.html

GLSA-201607-03

Versions of Adobe Flash Player prior to 11.2.202.626, 18.0.0.360, or 22.0.0.192 are unpatched, and therefore affected by the following vulnerabilities :

 - An unspecified race condition vulnerability may allow a context-dependent attacker to gain access to potentially sensitive information. No further details have been provided. (CVE-2016-4247)
 - Multiple unspecified type confusion flaws may allow a context-dependent attacker to potentially execute arbitrary code. No further details have been provided. (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225)
 - Multiple use-after-free vulnerabilities may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. No further details have been provided. (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-42228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248)
 - An overflow condition may be triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2016-4249)
 - Multiple unspecified memory corruption flaws may be triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246, CVE-2016-4289, CVE-2016-4290)
 - Multiple unspecified stack corruption flaws exist, allowing a context-dependent attacker to potentially execute arbitrary code. No further details have been provided. (CVE-2016-4176, CVE-2016-4177)
 - An unspecified flaw may allow a context-dependent attacker to cause a memory leak. No further details have been provided. (CVE-2016-4232)
 - An unspecified flaw may allow a context-dependent attacker to bypass security restrictions and gain access to potentially sensitive information. No further details have been provided. (CVE-2016-4178)

Adobe reports :

These updates resolve a race condition vulnerability that could lead to information disclosure (CVE-2016-4247).

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246).

These updates resolve a memory leak vulnerability (CVE-2016-4232).

These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).

These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178).

Adobe Flash Player was updated to 11.2.202.632 to fix many security issues tracked under the upstream advisory APSB16-25, allowing remote attackers to execute arbitrary code when delivering specially crafted Flash content. 

The following vulnerabilities were fixed :

  - CVE-2016-4172: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4173: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4174: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4175: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4176: stack corruption vulnerability that could     lead to code execution

  - CVE-2016-4177: stack corruption vulnerability that could     lead to code execution

  - CVE-2016-4178: security bypass vulnerability that could     lead to information disclosure

  - CVE-2016-4179: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4180: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4181: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4182: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4183: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4184: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4185: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4186: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4187: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4188: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4189: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4190: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4217: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4218: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4219: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4220: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4221: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4222: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4223: type confusion vulnerability that could     lead to code execution

  - CVE-2016-4224: type confusion vulnerability that could     lead to code execution

  - CVE-2016-4225: type confusion vulnerability that could     lead to code execution

  - CVE-2016-4226: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4227: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4228: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4229: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4230: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4231: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4232: memory leak vulnerability

  - CVE-2016-4233: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4234: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4235: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4236: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4237: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4238: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4239: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4240: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4241: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4242: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4243: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4244: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4245: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4246: memory corruption vulnerability that     could lead to code execution

  - CVE-2016-4247: race condition vulnerability that could     lead to information disclosure

  - CVE-2016-4248: use-after-free vulnerability that could     lead to code execution

  - CVE-2016-4249: heap buffer overflow vulnerability that     could lead to code execution

An update for flash-plugin is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update upgrades Flash Player to version 11.2.202.632.

Security Fix(es) :

* This update fixes multiple vulnerabilities in Adobe Flash Player.
These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
(CVE-2016-4172, CVE-2016-4173, CVE-2016-4174, CVE-2016-4175, CVE-2016-4176, CVE-2016-4177, CVE-2016-4178, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4222, CVE-2016-4223, CVE-2016-4224, CVE-2016-4225, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4232, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246, CVE-2016-4247, CVE-2016-4248, CVE-2016-4249)

The remote host is affected by the vulnerability described in GLSA-201607-03 (Adobe Flash Player: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Adobe Flash Player.
      Please review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process, cause a Denial of Service condition, obtain       sensitive information, or bypass security restrictions.
  Workaround :

    There is no known workaround at this time.

The remote Windows host is missing KB3174060. It is, therefore, affected by multiple vulnerabilities :

  - Multiple memory corruption issues exist that allow a     remote attacker to execute arbitrary code.
    (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179,     CVE-2016-4180, CVE-2016-4181, CVE-2016-4182,     CVE-2016-4183, CVE-2016-4184, CVE-2016-4185,     CVE-2016-4186, CVE-2016-4187, CVE-2016-4188,     CVE-2016-4189, CVE-2016-4190, CVE-2016-4217,     CVE-2016-4218, CVE-2016-4219, CVE-2016-4220,     CVE-2016-4221, CVE-2016-4233, CVE-2016-4234,     CVE-2016-4235, CVE-2016-4236, CVE-2016-4237,     CVE-2016-4238, CVE-2016-4239, CVE-2016-4240,     CVE-2016-4241, CVE-2016-4242, CVE-2016-4243,     CVE-2016-4244, CVE-2016-4245, CVE-2016-4246)

  - Multiple use-after-free errors exist that allow a remote     attacker to execute arbitrary code. (CVE-2016-4173,     CVE-2016-4174, CVE-2016-4222, CVE-2016-4226,     CVE-2016-4227, CVE-2016-4228, CVE-2016-4229,     CVE-2016-4230, CVE-2016-4231, CVE-2016-4248,     CVE-2016-7020)

  - Multiple stack corruption issues exist that allow a     remote attacker to execute arbitrary code.
    (CVE-2016-4176, CVE-2016-4177)

  - A security bypass vulnerability exists that allows a     remote attacker to disclose sensitive information.
    (CVE-2016-4178)

  - Multiple type confusion errors exist that allow a remote     attacker to execute arbitrary code. (CVE-2016-4223,     CVE-2016-4224, CVE-2016-4225)

  - An unspecified memory leak issue exists that allows an     attacker to have an unspecified impact. (CVE-2016-4232)

  - A race condition exists that allows a remote attacker to     disclose sensitive information. (CVE-2016-4247)

  - A heap buffer overflow condition exists that allows a     remote attacker to execute arbitrary code.
    (CVE-2016-4249)

The version of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to version 22.0.0.192. It is, therefore, affected by multiple vulnerabilities :

  - Multiple memory corruption issues exist that allow a     remote attacker to execute arbitrary code.
    (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179,     CVE-2016-4180, CVE-2016-4181, CVE-2016-4182,     CVE-2016-4183, CVE-2016-4184, CVE-2016-4185,     CVE-2016-4186, CVE-2016-4187, CVE-2016-4188,     CVE-2016-4189, CVE-2016-4190, CVE-2016-4217,     CVE-2016-4218, CVE-2016-4219, CVE-2016-4220,     CVE-2016-4221, CVE-2016-4233, CVE-2016-4234,     CVE-2016-4235, CVE-2016-4236, CVE-2016-4237,     CVE-2016-4238, CVE-2016-4239, CVE-2016-4240,     CVE-2016-4241, CVE-2016-4242, CVE-2016-4243,     CVE-2016-4244, CVE-2016-4245, CVE-2016-4246)

  - Multiple use-after-free errors exist that allow a remote     attacker to execute arbitrary code. (CVE-2016-4173,     CVE-2016-4174, CVE-2016-4222, CVE-2016-4226,     CVE-2016-4227, CVE-2016-4228, CVE-2016-4229,     CVE-2016-4230, CVE-2016-4231, CVE-2016-4248,     CVE-2016-7020)

  - Multiple stack corruption issues exist that allow a     remote attacker to execute arbitrary code.
    (CVE-2016-4176, CVE-2016-4177)

  - A security bypass vulnerability exists that allows a     remote attacker to disclose sensitive information.
    (CVE-2016-4178)

  - Multiple type confusion errors exist that allow a remote     attacker to execute arbitrary code. (CVE-2016-4223,     CVE-2016-4224, CVE-2016-4225)

  - An unspecified memory leak issue exists that allows an     attacker to have an unspecified impact. (CVE-2016-4232)

  - A race condition exists that allows a remote attacker to     disclose sensitive information. (CVE-2016-4247)

  - A heap buffer overflow condition exists that allows a     remote attacker to execute arbitrary code.
    (CVE-2016-4249)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 22.0.0.192. It is, therefore, affected by multiple Vulnerabilities :

  - Multiple memory corruption issues exist that allow a     remote attacker to execute arbitrary code.
    (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179,     CVE-2016-4180, CVE-2016-4181, CVE-2016-4182,     CVE-2016-4183, CVE-2016-4184, CVE-2016-4185,     CVE-2016-4186, CVE-2016-4187, CVE-2016-4188,     CVE-2016-4189, CVE-2016-4190, CVE-2016-4217,     CVE-2016-4218, CVE-2016-4219, CVE-2016-4220,     CVE-2016-4221, CVE-2016-4233, CVE-2016-4234,     CVE-2016-4235, CVE-2016-4236, CVE-2016-4237,     CVE-2016-4238, CVE-2016-4239, CVE-2016-4240,     CVE-2016-4241, CVE-2016-4242, CVE-2016-4243,     CVE-2016-4244, CVE-2016-4245, CVE-2016-4246)

  - Multiple use-after-free errors exist that allow a remote     attacker to execute arbitrary code. (CVE-2016-4173,     CVE-2016-4174, CVE-2016-4222, CVE-2016-4226,     CVE-2016-4227, CVE-2016-4228, CVE-2016-4229,     CVE-2016-4230, CVE-2016-4231, CVE-2016-4248,     CVE-2016-7020)

  - Multiple stack corruption issues exist that allow a     remote attacker to execute arbitrary code.
    (CVE-2016-4176, CVE-2016-4177)

  - A security bypass vulnerability exists that allows a     remote attacker to disclose sensitive information.
    (CVE-2016-4178)

  - Multiple type confusion errors exist that allow a remote     attacker to execute arbitrary code. (CVE-2016-4223,     CVE-2016-4224, CVE-2016-4225)

  - An unspecified memory leak issue exists that allows an     attacker to have an unspecified impact. (CVE-2016-4232)

  - A race condition exists that allows a remote attacker to     disclose sensitive information. (CVE-2016-4247)

  - A heap buffer overflow condition exists that allows a     remote attacker to execute arbitrary code.
    (CVE-2016-4249)

ID	Name	Product	Family	Severity
9411	Flash Player < 11.2.202.626 / 18.0.0.366 / 22.0.0.209 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	critical
92343	FreeBSD : flash -- multiple vulnerabilities (a522d6ac-4aed-11e6-97ea-002590263bf5)	Nessus	FreeBSD Local Security Checks	critical
92309	openSUSE Security Update : flash-player (openSUSE-2016-870)	Nessus	SuSE Local Security Checks	critical
92044	RHEL 5 / 6 : flash-plugin (RHSA-2016:1423)	Nessus	Red Hat Local Security Checks	critical
92043	openSUSE Security Update : flash-player (openSUSE-2016-866)	Nessus	SuSE Local Security Checks	critical
92042	GLSA-201607-03 : Adobe Flash Player: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
92024	MS16-093: Security Update for Adobe Flash Player (3174060)	Nessus	Windows : Microsoft Bulletins	critical
92013	Adobe Flash Player for Mac <= 22.0.0.192 Multiple Vulnerabilities (APSB16-25)	Nessus	MacOS X Local Security Checks	critical
92012	Adobe Flash Player <= 22.0.0.192 Multiple Vulnerabilities (APSB16-25)	Nessus	Windows	critical

CVE-2016-4247

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical

critical

critical