Adobe Flash Player for Mac <= 22.214.171.1246 Multiple Vulnerabilities (APSB16-04)
High Nessus Plugin ID 88641
SynopsisThe remote Mac OS X host has a browser plugin installed that is affected by multiple vulnerabilities.
DescriptionThe version of Adobe Flash Player installed on the remote Mac OS X host is prior or equal to version 126.96.36.1996. It is, therefore, affected by multiple vulnerabilities :
- A type confusion error exists that allows a remote attacker to execute arbitrary code. (CVE-2016-0985)
- Multiple use-after-free errors exist that allow a remote attacker to execute arbitrary code. (CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984)
- A heap buffer overflow condition exist that allows an attacker to execute arbitrary code. (CVE-2016-0971)
- Multiple memory corruption issues exist that allow a remote attacker to execute arbitrary code.
(CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981)
SolutionUpgrade to Adobe Flash Player version 188.8.131.526 or later.
Alternatively, Adobe has made version 184.108.40.2069 available for those installations that cannot be upgraded to the latest version.