Adobe Flash Player version 32.0.0.433 (and previous versions) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an malicious user to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash_player |
Redmond urges folks to apply update ASAP – plus more fixes for Outlook and software from Adobe, Intel, SAP, Red Hat The seven deadly sins letting hackers hijack America's govt networks: These unpatched bugs leave systems open
Patch Tuesday Microsoft's Update Tuesday patch dump for October 2020 has delivered security patches that attempt to address 87 CVEs for a dozen Redmond products. Nadella's security crew has identified 22 remote code execution (RCE) CVEs though the most worrisome looks like CVE-2020-16898, Windows TCP/IP RCE, which is rated 9.8 out 10 in severity. It affects Windows desktop and server systems. According to Microsoft, the Windows TCP/IP stack doesn't properly handle ICMPv6 Router Advertisement pac...