MS16-036: Security Update for Adobe Flash Player (3144756)
Critical Nessus Plugin ID 89835
SynopsisThe remote Windows host has a browser plugin installed that is affected by multiple vulnerabilities.
DescriptionThe remote Windows host is missing KB3144756. It is, therefore, affected by multiple vulnerabilities :
- Multiple integer overflow conditions exist that allow an attacker to execute arbitrary code. (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010)
- Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000)
- A heap overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2016-1001)
- Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, CVE-2016-1005)
SolutionMicrosoft has released a set of patches for Windows 2012, 8.1, RT 8.1, 2012 R2, and 10.