9.3
CVSSv2

CVE-2016-1016

Published: 09/04/2016 Updated: 12/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player prior to 18.0.0.343 and 19.x up to and including 21.x prior to 21.0.0.213 on Windows and OS X and prior to 11.2.202.616 on Linux allows malicious users to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031.

Affected Products

Vendor Product Versions
AdobeFlash Player11.2.202.577, 18.0.0.333, 19.0.0.185, 19.0.0.207, 19.0.0.226, 19.0.0.245, 20.0.0.228, 20.0.0.235, 20.0.0.286, 20.0.0.306, 21.0.0.97

Vendor Advisories

Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 1800343 and 19x through 21x before 2100213 on Windows and OS X and before 112202616 on Linux allows attackers to execute arbitrary code via a flashgeomMatrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-10 ...

Github Repositories

CVE-Study CVE id CVSS Type CVE-2017-12762 100 BOF CVE-2017-0561 100 - CVE-2017-11176 100 UAF CVE-2017-8890 100 CVE-2017-7895 100 CVE-2017-3106 93 CVE-2017-3064 93 CVE-2017-0430 93 CVE-2017-0429 93 CVE-2017-0428 93 CVE-2017-0427 93 CVE-2017-0528 93 CVE-2017-0510 93 CVE-2017-0508 93 CVE-2017-0507 93 CVE-2017-0455 93