Strike ID:
E16-66d01
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2016

Description

This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to an out-of-bound memory access in the DeleteRangeTimelineOperation class. An attacker can entice a target to open a specially crafted flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the flash process.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}