CVE-2016-7873
First published: Thu Dec 15 2016(Updated: )
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Flash Player | <=23.0.0.207 | |
| Apple iOS and macOS | ||
| Microsoft Windows Operating System | ||
| Macromedia Flash Player | <=23.0.0.207 | |
| Macromedia Flash Player | <=23.0.0.207 | |
| Windows 10 | ||
| Microsoft Windows | ||
| Macromedia Flash Player | <=23.0.0.207 | |
| Chrome OS | ||
| Linux Kernel | ||
| Macromedia Flash Player | <=11.2.202.644 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html
- http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html
- http://rhn.redhat.com/errata/RHSA-2016-2947.html
- http://www.securityfocus.com/bid/94866
- http://www.securitytracker.com/id/1037442
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154
- https://helpx.adobe.com/security/products/flash-player/apsb16-39.html
- https://security.gentoo.org/glsa/201701-17
Frequently Asked Questions
What is the severity of CVE-2016-7873?
CVE-2016-7873 is considered a critical vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2016-7873?
To mitigate CVE-2016-7873, users should update Adobe Flash Player to the latest version beyond 23.0.0.207 or 11.2.202.644.
Which versions of Adobe Flash Player are affected by CVE-2016-7873?
CVE-2016-7873 affects Adobe Flash Player versions 23.0.0.207 and earlier, and 11.2.202.644 and earlier.
What kind of exploitation can occur through CVE-2016-7873?
Successful exploitation of CVE-2016-7873 could lead to arbitrary code execution on the affected system.
Is this vulnerability present in macOS or Linux systems?
CVE-2016-7873 is specifically related to Adobe Flash Player and does not affect macOS or Linux systems directly.
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe flash player
- version/adobe flash player/23.0.0.207
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows operating system
- canonical/macromedia flash player
- version/macromedia flash player/23.0.0.207
- canonical/windows 10
- canonical/microsoft windows
- vendor/google
- canonical/chrome os
- vendor/linux
- canonical/linux kernel
- version/macromedia flash player/11.2.202.644