A type confusion vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Category Archives: Checkpoint
Checkpoint
Adobe Flash Player Use After Free Code Execution (APSB16-37: CVE-2016-7858; CVE-2016-7858)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Use After Free (APSB16-37: CVE-2016-7864; CVE-2016-7864)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Type Confusion (APSB16-37: CVE-2016-7865; CVE-2016-7865)
A type confusion vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Type Confusion (APSB16-37: CVE-2016-7861; CVE-2016-7861)
A type confusion vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Use After Free Code Execution (APSB16-37: CVE-2016-7857; CVE-2016-7857)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Acrobat and Reader Use After Free (APSB16-33: CVE-2016-6988; CVE-2016-6988)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.
Microsoft Windows CLFS Driver Elevation of Privilege (MS16-134: CVE-2016-3343; CVE-2016-3343)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to improper handling of objects in memory. The attacker must entice the victim to run an executable file to exploit this vulnerability.
Microsoft Office Memory Corruption (MS16-133: CVE-2016-7230; CVE-2016-7230)
A remote code execution vulnerability exists in Microsoft PowerPoint. The vulnerability is due to a use-after-free error in Microsoft PowerPoint while handling a specially crafted PPT file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PPT file.
IBM WebSphere WASPostParam cookie Untrusted Java Deserialization (CVE-2016-5983)
A remote code execution vulnerability has been reported in IBM WebSphere. The vulnerability is due to an untrusted deserialization of data when the WASPostParam cookie is present in the request. A remote, authenticated attacker can exploit this vulnerability by sending a request containing a malicious WASPostParam value to the target server.