MS16-083: Security Update for Adobe Flash Player (3167685)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has a browser plugin installed that is
affected by multiple vulnerabilities.

Description :

The remote Windows host is missing KB3167685. It is, therefore,
affected by multiple vulnerabilities :

- Multiple memory corruption issues exist that allow an
unauthenticated, remote attacker to cause a denial of
service condition or the execution of arbitrary code.
(CVE-2016-4122, CVE-2016-4123, CVE-2016-4124,
CVE-2016-4125, CVE-2016-4127, CVE-2016-4128,
CVE-2016-4129, CVE-2016-4130, CVE-2016-4131,
CVE-2016-4132, CVE-2016-4133, CVE-2016-4134,
CVE-2016-4137, CVE-2016-4141, CVE-2016-4150,
CVE-2016-4151, CVE-2016-4152, CVE-2016-4153,
CVE-2016-4154, CVE-2016-4155, CVE-2016-4156,
CVE-2016-4166, CVE-2016-4171)

- Multiple heap buffer overflow conditions exist due to
improper validation of user-supplied input. An
unauthenticated, remote attacker can exploit these to
execute arbitrary code. (CVE-2016-4135, CVE-2016-4136,
CVE-2016-4138).

- An unspecified vulnerability exists that allows an
unauthenticated, remote attacker to bypass the
same-origin policy, resulting in the disclosure of
potentially sensitive information. (CVE-2016-4139)

- An unspecified flaw exists when loading certain dynamic
link libraries due to using a search path that includes
directories which may not be trusted or under the user's
control. An unauthenticated, remote attacker can exploit
this, by inserting a specially crafted library in the
path, to execute arbitrary code in the context of the
user. (CVE-2016-4140)

- Multiple use-after-free errors exist that allow an
unauthenticated, remote attacker to deference already
freed memory, resulting in the execution of arbitrary
code. (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145,
CVE-2016-4146, CVE-2016-4147, CVE-2016-4148)

- Multiple type confusion errors exist that allow an
unauthenticated, remote attacker to execute arbitrary
code. (CVE-2016-4144, CVE-2016-4149)

See also :

https://technet.microsoft.com/library/security/MS16-083
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html

Solution :

Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1,
2012 R2, and 10.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true