CVE-2016-1024
First published: Sat Apr 09 2016(Updated: )
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | <=11.2.202.577 | |
| Linux Kernel | ||
| Adobe Flash Player | <=21.0.0.197 | |
| Apple iOS and macOS | ||
| Microsoft Windows | ||
| Macromedia Flash Player | <=18.0.0.333 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 8.1 | ||
| Macromedia Flash Player | <=21.0.0.197 | |
| Macromedia Flash Player | <=21.0.0.197 | |
| Chrome OS | ||
| Macromedia Flash Player | <=21.0.0.197 | |
| Adobe AIR | <=21.0.0.176 | |
| Adobe AIR | <=21.0.0.176 | |
| iStyle @cosme iPhone OS | ||
| Android | ||
| Adobe AIR SDK & Compiler | <=21.0.0.176 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
- http://rhn.redhat.com/errata/RHSA-2016-0610.html
- http://www.securityfocus.com/bid/85932
- http://www.securitytracker.com/id/1035509
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Frequently Asked Questions
What is the severity of CVE-2016-1024?
The severity of CVE-2016-1024 is classified as critical due to the potential for arbitrary code execution and denial of service.
How do I fix CVE-2016-1024?
To fix CVE-2016-1024, you should update Adobe Flash Player to version 18.0.0.343 or later for Windows and OS X, or 11.2.202.616 or later for Linux.
Which versions of Adobe Flash Player are affected by CVE-2016-1024?
Affected versions include Adobe Flash Player versions prior to 18.0.0.343 and 19.x through 21.x before 21.0.0.213.
What systems are vulnerable to CVE-2016-1024?
CVE-2016-1024 affects Adobe Flash Player on Windows, OS X, and Linux systems.
Can CVE-2016-1024 lead to remote attacks?
Yes, CVE-2016-1024 allows attackers to execute arbitrary code remotely, making it highly exploitable.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/remedy
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/11.2.202.577
- vendor/linux
- canonical/linux kernel
- canonical/adobe flash player
- version/adobe flash player/21.0.0.197
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows
- version/macromedia flash player/18.0.0.333
- canonical/microsoft windows 10
- canonical/microsoft windows 8.1
- version/macromedia flash player/21.0.0.197
- vendor/google
- canonical/chrome os
- canonical/adobe air
- version/adobe air/21.0.0.176
- canonical/istyle @cosme iphone os
- canonical/android
- canonical/adobe air sdk & compiler
- version/adobe air sdk & compiler/21.0.0.176