Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Flash Player < 11.2.202.626 / 18.0.0.360 / 22.0.0.192 Multiple Vulnerabilities

Critical

Synopsis

The remote host is running an outdated version of Adobe Flash Player that is affected by multiple vulnerabilities.

Description

Versions of Adobe Flash Player prior to 11.2.202.626, 18.0.0.360, or 22.0.0.192 are outdated and thus unpatched for the following vulnerabilities :

- Multiple type confusion errors exist that allow an attacker to execute arbitrary code. (CVE-2016-4144, CVE-2016-4149) - Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148) - Multiple unspecified memory corruption flaws exists that are triggered when user-supplied input is not properly validated. (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4126, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4133, CVE-2016-4134, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166) - Unspecified Heap Buffer Overflow conditions exists when an overflow condition is triggered as user-supplied input and is not properly validated when handling ATF files. This may allow a context-dependent attacker to cause a heap-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2016-4135) - A double-free flaw exists, which may be triggered as user-supplied input is not properly validated when handling JXR files. This may allow a context-dependent attacker to free already freed memory and potentially execute arbitrary code. (CVE-2016-4136) - A heap buffer overflow flaw exists when an overflow condition that is triggered as user-supplied input is not properly validated when handling ATF image packing. This may allow a context-dependent attacker to cause a heap-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2016-4138) - A flaw is triggered as user-supplied input is not properly validated when handling LMZA property decoding. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-4137) - An unspecified memory corruption flaw exists, which is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-4141) - A flaw is triggered when loading certain dynamic-link libraries. By placing a specially crafted library in the path and tricking a user into opening a file, a context-dependent attacker can inject and execute arbitrary code with the privilege of the user running the program. (CVE-2016-4140) - An unspecified flaw exists, which may allow a context-dependent attacker to bypass the same-origin policy and gain access to potentially sensitive information. (CVE-2016-4166)

Solution

Upgrade to Adobe Flash Player version 22.0.0.192 or later. If 22.x cannot be obtained, versions 18.0.0.360 and 11.2.202.626 have also been patched for these vulnerabilities.