CVE-2016-1026
First published: Sat Apr 09 2016(Updated: )
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | <=11.2.202.577 | |
| Linux Kernel | ||
| Adobe Flash Player | <=21.0.0.197 | |
| Apple iOS and macOS | ||
| Microsoft Windows Operating System | ||
| Macromedia Flash Player | <=18.0.0.333 | |
| Windows 10 | ||
| Microsoft Windows | ||
| Macromedia Flash Player | <=21.0.0.197 | |
| Macromedia Flash Player | <=21.0.0.197 | |
| Chrome OS | ||
| Macromedia Flash Player | <=21.0.0.197 | |
| Adobe AIR | <=21.0.0.176 | |
| Adobe AIR | <=21.0.0.176 | |
| iPhone OS | ||
| Android | ||
| Adobe AIR SDK & Compiler | <=21.0.0.176 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
- http://rhn.redhat.com/errata/RHSA-2016-0610.html
- http://www.securityfocus.com/bid/85932
- http://www.securitytracker.com/id/1035509
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Frequently Asked Questions
What is the severity of CVE-2016-1026?
CVE-2016-1026 is rated as critical due to its potential to allow attackers to execute arbitrary code or cause a denial of service.
How do I fix CVE-2016-1026?
To mitigate CVE-2016-1026, users should update Adobe Flash Player to version 18.0.0.343 or later for Windows and macOS, or 11.2.202.616 or later for Linux.
Which versions of Adobe Flash Player are affected by CVE-2016-1026?
CVE-2016-1026 affects Adobe Flash Player versions prior to 18.0.0.343, 19.x through 21.x prior to 21.0.0.213 on Windows and macOS, and versions before 11.2.202.616 on Linux.
What are the potential impacts of CVE-2016-1026?
The impacts of CVE-2016-1026 include executing arbitrary code and inducing memory corruption, potentially leading to a denial of service.
Is there a workaround for CVE-2016-1026?
There are no specific workarounds for CVE-2016-1026; updating Adobe Flash Player is the recommended action.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/remedy
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/11.2.202.577
- vendor/linux
- canonical/linux kernel
- canonical/adobe flash player
- version/adobe flash player/21.0.0.197
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows operating system
- version/macromedia flash player/18.0.0.333
- canonical/windows 10
- canonical/microsoft windows
- version/macromedia flash player/21.0.0.197
- vendor/google
- canonical/chrome os
- canonical/adobe air
- version/adobe air/21.0.0.176
- canonical/iphone os
- canonical/android
- canonical/adobe air sdk & compiler
- version/adobe air sdk & compiler/21.0.0.176