Vulnerability Description
Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Animate | <= 15.2.1.95 |
Related Weaknesses (CWE)
References
- http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNE
- http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overf
- http://seclists.org/fulldisclosure/2016/Dec/45
- http://www.securityfocus.com/archive/1/539923/100/0/threaded
- http://www.securityfocus.com/bid/94872
- https://helpx.adobe.com/security/products/animate/apsb16-38.htmlPatchVendor Advisory
- https://www.exploit-db.com/exploits/40915/
- http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNE
- http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overf
- http://seclists.org/fulldisclosure/2016/Dec/45
- http://www.securityfocus.com/archive/1/539923/100/0/threaded
- http://www.securityfocus.com/bid/94872
- https://helpx.adobe.com/security/products/animate/apsb16-38.htmlPatchVendor Advisory
- https://www.exploit-db.com/exploits/40915/
FAQ
What is CVE-2016-7866?
CVE-2016-7866 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
How severe is CVE-2016-7866?
CVE-2016-7866 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-7866?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Animate.