Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-2016-1019.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | Broken Link Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | Broken Link Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | Third Party Advisory |
http://www.securityfocus.com/bid/85930 | Broken Link Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1035509 | Broken Link Third Party Advisory VDB Entry |
http://www.zerodayinitiative.com/advisories/ZDI-16-227/ | Third Party Advisory VDB Entry |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | Patch Third Party Advisory |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: adobe
Published: 2016-04-09T01:00:00
Updated: 2018-10-12T19:57:01
Reserved: 2015-12-22T00:00:00
Link: CVE-2016-1015
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-04-09T01:59:31.073
Modified: 2023-01-30T18:14:21.633
Link: CVE-2016-1015
JSON object: View
Redhat Information
No data.
CWE