CVE-2016-1006
First published: Sat Apr 09 2016(Updated: )
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | <=11.2.202.577 | |
| Linux Kernel | ||
| Adobe Flash Player | <=21.0.0.197 | |
| Apple iOS and macOS | ||
| Microsoft Windows | ||
| Macromedia Flash Player | <=18.0.0.333 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 8.1 | ||
| Macromedia Flash Player | <=21.0.0.197 | |
| Macromedia Flash Player | <=21.0.0.197 | |
| Chrome OS | ||
| Macromedia Flash Player | <=21.0.0.197 | |
| Adobe AIR | <=21.0.0.176 | |
| Adobe AIR | <=21.0.0.176 | |
| iStyle @cosme iPhone OS | ||
| Android | ||
| Adobe AIR SDK & Compiler | <=21.0.0.176 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
- http://rhn.redhat.com/errata/RHSA-2016-0610.html
- http://www.securitytracker.com/id/1035509
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Frequently Asked Questions
What is the severity of CVE-2016-1006?
CVE-2016-1006 has been assigned a medium severity rating due to its potential impact on system security.
How do I fix CVE-2016-1006?
To fix CVE-2016-1006, update Adobe Flash Player to version 18.0.0.343 or later for Windows and OS X, and version 11.2.202.616 or later for Linux.
Which versions of Adobe Flash Player are affected by CVE-2016-1006?
CVE-2016-1006 affects Adobe Flash Player versions prior to 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on supported operating systems.
What platforms are impacted by CVE-2016-1006?
CVE-2016-1006 impacts Adobe Flash Player on Windows, OS X, and Linux operating systems.
Is there any known exploit for CVE-2016-1006?
Yes, CVE-2016-1006 could be exploited by attackers to bypass the ASLR protection mechanism through JIT data.
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/11.2.202.577
- vendor/linux
- canonical/linux kernel
- canonical/adobe flash player
- version/adobe flash player/21.0.0.197
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows
- version/macromedia flash player/18.0.0.333
- canonical/microsoft windows 10
- canonical/microsoft windows 8.1
- version/macromedia flash player/21.0.0.197
- vendor/google
- canonical/chrome os
- canonical/adobe air
- version/adobe air/21.0.0.176
- canonical/istyle @cosme iphone os
- canonical/android
- canonical/adobe air sdk & compiler
- version/adobe air sdk & compiler/21.0.0.176