First published: Tue Nov 08 2016(Updated: )
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Macromedia Flash Player | <=23.0.0.205 | |
Apple iOS and macOS | ||
Microsoft Windows | ||
Macromedia Flash Player | <=23.0.0.205 | |
Macromedia Flash Player | <=23.0.0.205 | |
Microsoft Windows 10 | ||
Microsoft Windows 10 | =1511 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT | ||
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server 2016 | ||
Adobe Flash Player | <=11.2.202.643 | |
Linux Kernel | ||
Macromedia Flash Player | <=23.0.0.205 | |
Chrome OS | ||
Red Hat Enterprise Linux Desktop | =5.0 | |
Red Hat Enterprise Linux Desktop | =6.0 | |
Red Hat Enterprise Linux Server | =5.0 | |
Red Hat Enterprise Linux Server | =6.0 | |
Red Hat Enterprise Linux Workstation | =5.0 | |
Red Hat Enterprise Linux Workstation | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-7864 has a critical severity rating due to the potential for arbitrary code execution.
To fix CVE-2016-7864, update Adobe Flash Player to version 23.0.0.206 or later.
CVE-2016-7864 affects Adobe Flash Player versions 23.0.0.205 and earlier, and 11.2.202.643 and earlier.
CVE-2016-7864 is associated with a use-after-free vulnerability that can be exploited for arbitrary code execution.
CVE-2016-7864 does not directly affect macOS systems if they have Adobe Flash Player updated to the latest version.