CVE-2016-7876
First published: Thu Dec 15 2016(Updated: )
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Flash Player | <=23.0.0.207 | |
| Apple iOS and macOS | ||
| Microsoft Windows Operating System | ||
| Macromedia Flash Player | <=23.0.0.207 | |
| Macromedia Flash Player | <=23.0.0.207 | |
| Windows 10 | ||
| Microsoft Windows | ||
| Macromedia Flash Player | <=23.0.0.207 | |
| Chrome OS | ||
| Linux Kernel | ||
| Macromedia Flash Player | <=11.2.202.644 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html
- http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html
- http://rhn.redhat.com/errata/RHSA-2016-2947.html
- http://www.securityfocus.com/bid/94866
- http://www.securitytracker.com/id/1037442
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154
- https://helpx.adobe.com/security/products/flash-player/apsb16-39.html
- https://security.gentoo.org/glsa/201701-17
Frequently Asked Questions
What is the severity of CVE-2016-7876?
CVE-2016-7876 has a critical severity level as it allows for arbitrary code execution through memory corruption in Adobe Flash Player.
How do I fix CVE-2016-7876?
To fix CVE-2016-7876, upgrade Adobe Flash Player to version 23.0.0.208 or later.
Which software versions are affected by CVE-2016-7876?
Adobe Flash Player versions 23.0.0.207 and earlier, as well as 11.2.202.644 and earlier, are affected by CVE-2016-7876.
What types of systems are impacted by CVE-2016-7876?
CVE-2016-7876 affects systems running vulnerable versions of Adobe Flash Player on various operating systems, including Windows, macOS, and Chrome.
What are the potential consequences of exploiting CVE-2016-7876?
Exploitation of CVE-2016-7876 can lead to arbitrary code execution, allowing attackers to compromise affected systems significantly.
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe flash player
- version/adobe flash player/23.0.0.207
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows operating system
- canonical/macromedia flash player
- version/macromedia flash player/23.0.0.207
- canonical/windows 10
- canonical/microsoft windows
- vendor/google
- canonical/chrome os
- vendor/linux
- canonical/linux kernel
- version/macromedia flash player/11.2.202.644