CVE-2016-6992

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."
Type Confusion
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
VendorProductVersion
adobeflash_player
𝑥
≤ 23.0.0.162
adobeflash_player
𝑥
≤ 23.0.0.162
adobeflash_player
𝑥
≤ 23.0.0.162
adobeflash_player
𝑥
≤ 18.0.0.375
adobeflash_player_desktop_runtime
𝑥
≤ 23.0.0.162
adobeflash_player
𝑥
≤ 11.2.202.635
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
xenial
Fixed 1:20161011.1-0ubuntu0.16.04.1
released
trusty
Fixed 1:20161011.1-0ubuntu0.14.04.1
released
precise
Fixed 1:20161011.1-0ubuntu0.12.04.1
released
flashplugin-nonfree
xenial
Fixed 11.2.202.637ubuntu0.16.04.1
released
trusty
Fixed 11.2.202.637ubuntu0.14.04.1
released
precise
Fixed 11.2.202.637ubuntu0.12.04.1
released
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2016-2057.html
http://www.securityfocus.com/bid/93488
http://www.securitytracker.com/id/1036985
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html
https://security.gentoo.org/glsa/201610-10
http://rhn.redhat.com/errata/RHSA-2016-2057.html
http://www.securityfocus.com/bid/93488
http://www.securitytracker.com/id/1036985
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html
https://security.gentoo.org/glsa/201610-10