Summary
| Detail | |||
|---|---|---|---|
| Vendor | Adobe | First view | 2008-12-17 |
| Product | Flash Player For Linux | Last view | 2017-06-27 |
| Version | 9.0.124.0 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:adobe:flash_player_for_linux | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.8 | 2017-06-27 | CVE-2016-0959 | Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash Player for Internet Explorer 10 and 11 before 20.0.0.267, Adobe Flash Player for Linux before 11.2.202.559, AIR Desktop Runtime before 20.0.0.233, AIR SDK before 20.0.0.233, AIR SDK & Compiler before 20.0.0.233, AIR for Android before 20.0.0.233. |
| 9.8 | 2016-12-15 | CVE-2016-7892 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7890 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy. |
| 9.8 | 2016-12-15 | CVE-2016-7881 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7880 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7879 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7878 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7877 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7876 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7875 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7874 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7873 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7872 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7871 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7870 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7869 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7868 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution. |
| 9.8 | 2016-12-15 | CVE-2016-7867 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2016-11-08 | CVE-2016-7865 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2016-11-08 | CVE-2016-7864 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2016-11-08 | CVE-2016-7863 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2016-11-08 | CVE-2016-7862 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2016-11-08 | CVE-2016-7861 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2016-11-08 | CVE-2016-7860 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2016-11-08 | CVE-2016-7859 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (14) | CWE-416 | Use After Free |
| 25% (9) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14% (5) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 8% (3) | CWE-704 | Incorrect Type Conversion or Cast |
| 2% (1) | CWE-254 | Security Features |
| 2% (1) | CWE-200 | Information Exposure |
| 2% (1) | CWE-190 | Integer Overflow or Wraparound |
| 2% (1) | CWE-20 | Improper Input Validation |
SAINT Exploits
| Description | Link |
|---|---|
| Adobe Flash Player ActionScript launch command execution | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 67062 | Adobe Flash Player Unspecified Memory Corruption (2010-2213) |
| 67061 | Adobe Flash Player Unspecified Memory Corruption (2010-2214) |
| 67060 | Adobe Flash Player Unspecified Clickjacking (2010-2215) |
| 67059 | Adobe Flash Player Multiple Unspecified Memory Corruption (2010-2216) |
| 67057 | Adobe Flash Player ActionScript AVM1 ActionPush Command Arbitrary Code Execution |
| 52749 | Adobe Flash Player Settings Manager Unspecified Clickjacking |
| 52748 | Adobe Flash Player Crafted SWF File Handling Arbitrary Code Execution |
| 52747 | Adobe Flash Player Shockwave Flash File Processing Destroyed Object Handling ... |
| 52746 | Adobe Flash Player on Linux RPATH Variable Search Path Subversion Local Privi... |
| 52745 | Adobe Flash Player on Windows Mouse Pointer Display Unspecified Clickjacking |
| 50796 | Adobe Flash Player on Linux SWF File Handling Arbitrary Code Execution |
ExploitDB Exploits
| id | Description |
|---|---|
| 18761 | Adobe Flash Player ActionScript Launch Command Execution Vulnerability |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash) File : nvt/glsa_201101_09.nasl |
| 2010-09-10 | Name : SuSE Update for acroread SUSE-SA:2010:037 File : nvt/gb_suse_2010_037.nasl |
| 2010-08-21 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin9.nasl |
| 2010-08-16 | Name : Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Linux) File : nvt/gb_adobe_prdts_mult_dos_vuln_aug10_lin.nasl |
| 2010-08-16 | Name : Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Win) File : nvt/gb_adobe_prdts_mult_dos_vuln_aug10_win.nasl |
| 2010-08-16 | Name : SuSE Update for flash-player SUSE-SA:2010:034 File : nvt/gb_suse_2010_034.nasl |
| 2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-08-17 | Name : SuSE Security Advisory SUSE-SA:2009:041 (flash-player) File : nvt/suse_sa_2009_041.nasl |
| 2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
| 2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-23 (netscape-flash) File : nvt/glsa_200903_23.nasl |
| 2009-03-10 | Name : Adobe Flash Player Multiple Vulnerabilities - Mar09 (Linux) File : nvt/gb_adobe_flash_player_mult_vuln_mar09_lin.nasl |
| 2009-03-10 | Name : Adobe Flash Player Multiple Vulnerabilities - Mar09 (Win) File : nvt/gb_adobe_flash_player_mult_vuln_mar09_win.nasl |
| 2009-03-02 | Name : RedHat Security Advisory RHSA-2009:0334 File : nvt/RHSA_2009_0334.nasl |
| 2009-03-02 | Name : SuSE Security Advisory SUSE-SA:2009:011 (flash-player) File : nvt/suse_sa_2009_011.nasl |
| 2009-03-02 | Name : RedHat Security Advisory RHSA-2009:0332 File : nvt/RHSA_2009_0332.nasl |
| 2009-01-23 | Name : SuSE Update for flash-player SUSE-SA:2008:059 File : nvt/gb_suse_2008_059.nasl |
| 2008-12-19 | Name : Adobe Flash Player for Linux SWF Processing Vulnerability File : nvt/gb_adobe_flash_player_swf_proc_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2009-B-0001 | Adobe Flash Player for Linux Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0017978 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-01-18 | Adobe Flash Player addProperty use after free attempt RuleID : 41025 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-18 | Adobe Flash Player addProperty use after free attempt RuleID : 41024 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-18 | Adobe Flash Player addProperty use after free attempt RuleID : 41023 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-18 | Adobe Flash Player addProperty use after free attempt RuleID : 41022 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-18 | Adobe Flash Player onSetFocus movie clip use after free attempt RuleID : 41021 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-18 | Adobe Flash Player onSetFocus movie clip use after free attempt RuleID : 41020 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-12 | Adobe Flash Player writeDynamicProperties use-after-free attempt RuleID : 41017 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-12 | Adobe Flash Player writeDynamicProperties use-after-free attempt RuleID : 41016 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-12 | Acrobat Flash WorkerDomain memory corruption attempt RuleID : 41015 - Type : FILE-FLASH - Revision : 4 |
| 2017-01-12 | Acrobat Flash WorkerDomain memory corruption attempt RuleID : 41014 - Type : FILE-FLASH - Revision : 1 |
| 2017-01-12 | Adobe Flash Player NetConnection use after free attempt RuleID : 41013 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-12 | Adobe Flash Player NetConnection use after free attempt RuleID : 41012 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-12 | Adobe Flash Player BitmapData applyFilter integer overflow attempt RuleID : 41011 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-12 | Adobe Flash Player BitmapData applyFilter integer overflow attempt RuleID : 41010 - Type : FILE-FLASH - Revision : 2 |
| 2017-01-12 | Adobe Flash Player ActionScript vulnerable RegExp verb usage detected RuleID : 41009 - Type : INDICATOR-COMPROMISE - Revision : 2 |
| 2017-01-12 | Adobe Flash Player ActionScript vulnerable RegExp verb usage detected RuleID : 41008 - Type : INDICATOR-COMPROMISE - Revision : 2 |
| 2017-01-12 | Adobe Flash Player ActionScript vulnerable RegExp verb usage detected RuleID : 41007 - Type : INDICATOR-COMPROMISE - Revision : 2 |
| 2017-01-12 | Adobe Flash Player ActionScript vulnerable RegExp verb usage detected RuleID : 41006 - Type : INDICATOR-COMPROMISE - Revision : 2 |
| 2017-01-12 | Adobe Flash Player Primetime MediaPlayerItemLoader QOSProvider object use aft... RuleID : 41005 - Type : FILE-FLASH - Revision : 4 |
| 2017-01-12 | Adobe Flash Player Primetime MediaPlayerItemLoader QOSProvider object use aft... RuleID : 41004 - Type : FILE-FLASH - Revision : 4 |
| 2017-01-12 | Adobe Flash Player Primetime SDK out of bounds read attempt RuleID : 41003 - Type : FILE-FLASH - Revision : 4 |
| 2017-01-12 | Adobe Flash Player Primetime SDK out of bounds read attempt RuleID : 41002 - Type : FILE-FLASH - Revision : 3 |
| 2017-01-12 | Adobe Flash Player ActionScript vulnerable RegExp verb usage detected RuleID : 41001 - Type : INDICATOR-COMPROMISE - Revision : 2 |
| 2017-01-12 | Adobe Flash Player ActionScript vulnerable RegExp verb usage detected RuleID : 41000 - Type : INDICATOR-COMPROMISE - Revision : 2 |
| 2017-01-12 | Adobe Flash Player NetConnection proxyType invalid value out of bounds read a... RuleID : 40999 - Type : FILE-FLASH - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-01-11 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201701-17.nasl - Type: ACT_GATHER_INFO |
| 2016-12-16 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1484.nasl - Type: ACT_GATHER_INFO |
| 2016-12-14 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-3148-1.nasl - Type: ACT_GATHER_INFO |
| 2016-12-14 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2016-2947.nasl - Type: ACT_GATHER_INFO |
| 2016-12-13 | Name: The remote Windows host has a browser plugin installed that is affected by mu... File: smb_nt_ms16-154.nasl - Type: ACT_GATHER_INFO |
| 2016-12-13 | Name: The remote macOS or Mac OS X host has a browser plugin installed that is affe... File: macosx_flash_player_apsb16-39.nasl - Type: ACT_GATHER_INFO |
| 2016-12-13 | Name: The remote Windows host has a browser plugin installed that is affected by mu... File: flash_player_apsb16-39.nasl - Type: ACT_GATHER_INFO |
| 2016-11-23 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201611-18.nasl - Type: ACT_GATHER_INFO |
| 2016-11-14 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1286.nasl - Type: ACT_GATHER_INFO |
| 2016-11-11 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2778-1.nasl - Type: ACT_GATHER_INFO |
| 2016-11-11 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1285.nasl - Type: ACT_GATHER_INFO |
| 2016-11-11 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_96f6bf10a73111e695ca0011d823eebd.nasl - Type: ACT_GATHER_INFO |
| 2016-11-10 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2016-2676.nasl - Type: ACT_GATHER_INFO |
| 2016-11-08 | Name: The remote Windows host has a browser plugin installed that is affected by mu... File: smb_nt_ms16-141.nasl - Type: ACT_GATHER_INFO |
| 2016-11-08 | Name: The remote Windows host has a browser plugin installed that is affected by a ... File: flash_player_apsb16-37.nasl - Type: ACT_GATHER_INFO |
| 2016-11-08 | Name: The remote macOS or Mac OS X host has a browser plugin installed that is affe... File: macosx_flash_player_apsb16-37.nasl - Type: ACT_GATHER_INFO |
| 2016-08-29 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-1613-1.nasl - Type: ACT_GATHER_INFO |
| 2016-06-20 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2016-1238.nasl - Type: ACT_GATHER_INFO |
| 2016-06-20 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-743.nasl - Type: ACT_GATHER_INFO |
| 2016-06-20 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-740.nasl - Type: ACT_GATHER_INFO |
| 2016-06-20 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201606-08.nasl - Type: ACT_GATHER_INFO |
| 2016-06-20 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_0e3dfdde35c411e68e82002590263bf5.nasl - Type: ACT_GATHER_INFO |
| 2016-06-17 | Name: The remote Windows host has a browser plugin installed that is affected by mu... File: smb_nt_ms16-083.nasl - Type: ACT_GATHER_INFO |
| 2016-06-17 | Name: The remote Mac OS X host has a browser plugin installed that is affected by m... File: macosx_flash_player_apsb16-18.nasl - Type: ACT_GATHER_INFO |
| 2016-06-17 | Name: The remote Windows host has a browser plugin installed that is affected by mu... File: flash_player_apsb16-18.nasl - Type: ACT_GATHER_INFO |
