CyberSec.Space Logo
Back to CVE Browser

CVE-2016-7892

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score90.0600%
EPSS Percentile88.73th
PublishedDec 15, 2016
Last ModifiedApr 21, 2026

Vulnerability Description

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

Affected Platforms (CPE)

πŸ“¦
Adobe

Flash Player Desktop Runtime

<= 23.0.0.207
πŸ“¦
Adobe

Flash Player

<= 23.0.0.207
πŸ“¦
Adobe

Flash Player

<= 23.0.0.207
πŸ“¦
Adobe

Flash Player

<= 23.0.0.207
πŸ“¦
Adobe

Flash Player

<= 11.2.202.644

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html
πŸ”— http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2016-2947.html
πŸ”— http://www.securityfocus.com/bid/94877
πŸ”— http://www.securitytracker.com/id/1037442
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154
πŸ”— https://helpx.adobe.com/security/products/flash-player/apsb16-39.html
πŸ”— https://security.gentoo.org/glsa/201701-17

Related Vulnerabilities

CVE-2020-96339.8

Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe ...

CVE-2016-09599.8

Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release ...

CVE-2019-70906.5

Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and ...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...