ORIGINAL OVERVIEW:
A vulnerability has been discovered in Adobe Flash Player which could allow for remote code execution. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages.
Successful exploitation of this vulnerability may allow for remote code execution and allow an attacker to take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full system rights. Failed exploit attempts will likely result in denial-of-service conditions.
May 12 - UPDATED OVERVIEW:
Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow for remote code execution.
ORIGINAL SYSTEMS AFFECTED:
- Adobe Flash Player 21.0.0.226 and earlier for Windows, Macintosh, Linux, and Chrome OS
May 12 - UPDATED SYSTEMS AFFECTED:
- Adobe Flash Player Desktop Runtime prior to 21.0.0.242 for Windows and Macintosh
- Adobe Flash Player Extended Support Release prior to 18.0.0.352 for Windows and Macintosh
- Adobe Flash Player for Google Chrome prior to 21.0.0.242 for Windows, Macintosh, Linux and ChromeOS
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 prior to 21.0.0.242 for Windows 8.1 and 10
- Adobe Flash Player for Linux prior to 11.2.202.621 for Linux
- AIR Desktop Runtime prior to 21.0.0.215 for Windows and Macintosh
- AIR SDK prior to 21.0.0.215 for Windows, Macintosh, Android and iOS
- AIR SDK & Compiler prior to 21.0.0.215 for Windows, Macintosh, Android and iOS
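The following is an added example, not part of the original advisory: a small triage script that checks an asset inventory against the "prior to" versions in the updated list above. The product keys, hostnames and inventory rows are constructed for illustration; only the version thresholds come from the advisory. It compares versions as integer tuples and per release branch, so an Extended Support Release host at 18.0.0.352 is not flagged merely because 18 is lower than 21.

```python
# First fixed version per product, taken from the UPDATED SYSTEMS AFFECTED list.
# The dictionary keys are hypothetical inventory labels, not Adobe identifiers.
FIXED = {
    "flash-desktop": "21.0.0.242",     # Desktop Runtime, Windows/Macintosh
    "flash-esr": "18.0.0.352",         # Extended Support Release
    "flash-chrome": "21.0.0.242",
    "flash-edge-ie11": "21.0.0.242",
    "flash-linux": "11.2.202.621",
    "air-desktop": "21.0.0.215",
    "air-sdk": "21.0.0.215",
    "air-sdk-compiler": "21.0.0.215",
}

def parse_version(text):
    """Turn '21.0.0.226' (or the comma form '21,0,0,226') into (21, 0, 0, 226)."""
    parts = text.strip().replace(",", ".").split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(p) for p in parts)

def status(product, installed):
    """Return 'vulnerable', 'patched' or 'unknown' for one inventory row."""
    fixed = FIXED.get(product)
    if fixed is None:
        return "unknown"               # product not covered by this advisory
    try:
        # Tuple comparison is numeric per field; comparing the raw strings
        # would rank '21.0.0.99' above '21.0.0.242'.
        return "vulnerable" if parse_version(installed) < parse_version(fixed) else "patched"
    except ValueError:
        return "unknown"               # unparseable version: needs manual review

def triage(rows):
    """rows: iterable of (host, product, installed_version)."""
    return [(host, product, ver, status(product, ver)) for host, product, ver in rows]

# Constructed sample inventory.
INVENTORY = [
    ("ws-001", "flash-desktop", "21.0.0.226"),
    ("ws-002", "flash-esr", "18.0.0.352"),
    ("ws-003", "flash-desktop", "21,0,0,242"),
    ("lx-004", "flash-linux", "11.2.202.616"),
    ("ws-005", "air-desktop", "not installed"),
]

if __name__ == "__main__":
    for row in triage(INVENTORY):
        print(*row, sep="\t")
```

Rows that come back as "unknown" should be reviewed by hand rather than treated as patched.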
ORIGINAL DESCRIPTION:
An unspecified security vulnerability has been discovered in Adobe Flash Player which could allow for remote code execution.
Successful exploitation of this vulnerability may allow for remote code execution and allow an attacker to take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full system rights. Failed exploit attempts will likely result in denial-of-service conditions.
May 12 - UPDATED DESCRIPTION:
Adobe Flash Player is prone to multiple vulnerabilities that could allow for remote code execution. These vulnerabilities are as follows:
- Multiple type confusion vulnerabilities could lead to remote code execution. (CVE-2016-1105, CVE-2016-4117).
- Multiple use-after-free vulnerabilities could lead to remote code execution. (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110).
- A heap buffer overflow vulnerability that could lead to remote code execution. (CVE-2016-1101).
- A buffer overflow vulnerability that could lead to remote code execution. (CVE-2016-1103).
- Multiple memory corruption vulnerabilities that could lead to remote code execution. (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115).
- A directory search path vulnerability that could lead to remote code execution. (CVE-2016-4116).
Successful exploitation of these vulnerabilities may allow for remote code execution and allow an attacker to take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full system rights. Failed exploit attempts will likely result in denial-of-service conditions.
ORIGINAL ACTIONS:
- Disable Flash functionality until a patch is released by Adobe.
- Limit user account privileges to least privilege only.
- Remind users not to visit websites or follow links provided by unknown or untrusted sources.
- Do not open email attachments from unknown or untrusted sources.
May 12 - UPDATED ACTION:
- Install the updates provided by Adobe immediately after appropriate testing.
ORIGINAL REFERENCES:
Adobe:
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4117
May 12 - UPDATED REFERENCES:
Adobe:
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1096
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1104
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1110
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4110
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4116