CVE-2016-7880
Summary
| CVE | CVE-2016-7880 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-12-15 06:59:00 UTC |
| Updated | 2022-11-16 21:36:00 UTC |
| Description | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution. |
Risk And Classification
Problem Types: CWE-416
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Adobe | Flash Player | 23.0.0.207 | All | All | All |
| Application | Adobe | Flash Player | 23.0.0.207 | All | All | All |
| Application | Adobe | Flash Player | 23.0.0.207 | All | All | All |
| Application | Adobe | Flash Player | 23.0.0.207 | All | All | All |
| Application | Adobe | Flash Player | 23.0.0.207 | All | All | All |
| Application | Adobe | Flash Player | 23.0.0.207 | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Application | Adobe | Flash Player Desktop Runtime | All | All | All | All |
| Application | Adobe | Flash Player For Linux | All | All | All | All |
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Apple | Mac Os X | - | All | All | All |
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Chrome Os | All | All | All | All | |
| Operating System | Chrome Os | - | All | All | All | |
| Operating System | Chrome Os | All | All | All | All | |
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Operating System | Linux | Linux Kernel | - | All | All | All |
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Microsoft | Windows 10 | All | All | All | All |
| Operating System | Microsoft | Windows 10 | - | All | All | All |
| Operating System | Microsoft | Windows 10 | All | All | All | All |
| Operating System | Microsoft | Windows 8.1 | All | All | All | All |
| Operating System | Microsoft | Windows 8.1 | - | All | All | All |
| Operating System | Microsoft | Windows 8.1 | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Adobe Flash Player: Multiple vulnerabilities (GLSA 201701-17) — Gentoo security | GENTOO | security.gentoo.org | |
| [security-announce] SUSE-SU-2016:3148-1: critical: Security update for f | SUSE | lists.opensuse.org | |
| Adobe Flash Player APSB16-39 Multiple Unspecified Remote Code Execution Vulnerabilities | BID | www.securityfocus.com | |
| Adobe Security Bulletin | CONFIRM | helpx.adobe.com | Patch, Vendor Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | |
| Microsoft Security Bulletin MS16-154 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| Adobe Flash Player Multiple Bugs Let Remote Users Bypass Security Restrictions and Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| openSUSE-SU-2016:3160-1: moderate: Security update for flash-player | SUSE | lists.opensuse.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710422 Gentoo Linux Adobe Flash Player Multiple Vulnerabilities (GLSA 201701-17)