Home > Vulnerability Database > CVE-2016-7861

Mend Vulnerability Database

New vulnerability? Tell us about it!

CVE-2016-7861

Good to know:

Date: November 8, 2016

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

Severity Score

8.8

Related Resources (5)

Url: https://security.gentoo.org/glsa/201611-18

Url: https://nvd.nist.gov/vuln/detail/CVE-2016-7861

Url: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-141

Url: http://www.securitytracker.com/id/1037240

Url: https://www.mend.io/vulnerability-database/CVE-2016-7861

Severity Score

8.8

Weakness Type (CWE)

Incorrect Type Conversion or Cast

CWE-704

Top Fix

Upgrade Version

CVSS v3

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us