HomePentest-Tools.com Logo

Adobe Animate Memory Corruption Vulnerability-(Windows) CVE-2016-7866

Severity
CVSSv3 Score
9.8
Vulnerability description

Adobe Animate is prone to a memory corruption vulnerability.

Risk description

The flaw exists when creating .FLA files with ActionScript Classes that use overly long Class names. This causes memory corruption leading to possible arbitrary code execution upon opening a maliciously created .Fla Flash file. Successful exploitation will allow attacker to run arbitrary code execution or conduct a denial of service condition.

Recommendation

Upgrade to Adobe Animate 16.0.0.112 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 15, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available