CVE-2016-0959

Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash Player for Internet Explorer 10 and 11 before 20.0.0.267, Adobe Flash Player for Linux before 11.2.202.559, AIR Desktop Runtime before 20.0.0.233, AIR SDK before 20.0.0.233, AIR SDK & Compiler before 20.0.0.233, AIR for Android before 20.0.0.233.

Published: Jun 27, 2017
Updated: Apr 13, 2023
CVE: CVE-2016-0959
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
adobe / flash_player	-	20.0.0.235.x
adobe / flash_player_extended_support_release	-	18.0.0.268.x
adobe / flash_player	-	20.0.0.228.x
adobe / flash_player_for_linux	-	11.2.202.554.x
adobe / air	-	20.0.0.204.x
adobe / air_sdk_&_compiler	-	20.0.0.204.x
adobe / air_sdk	-	20.0.0.204.x

Vulnerability Database

289,599

CVE-2016-0959