CVE-2016-7866

Опубликовано: 15 дек. 2016

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Средний

Описание

Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

Ссылки

http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt
http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2016/Dec/45
http://www.securityfocus.com/archive/1/539923/100/0/threaded
http://www.securityfocus.com/bid/94872
https://helpx.adobe.com/security/products/animate/apsb16-38.html
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/40915/
http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt
http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2016/Dec/45
http://www.securityfocus.com/archive/1/539923/100/0/threaded
http://www.securityfocus.com/bid/94872
https://helpx.adobe.com/security/products/animate/apsb16-38.html
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/40915/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*

Версия до 15.2.1.95 (включая)

EPSS

Процентиль: 98%

0.66805

Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-qrj4-68mq-fwp3