Vulnerabilities > Adobe > High

DATE CVE VULNERABILITY TITLE RISK
2016-12-15 CVE-2016-7889 Information Exposure vulnerability in Adobe Digital Editions
Adobe Digital Editions versions 4.5.2 and earlier has an issue with parsing crafted XML entries that could lead to information disclosure.
network
low complexity
adobe CWE-200
7.5
7.5
2016-12-15 CVE-2016-7887 Information Exposure vulnerability in Adobe Coldfusion Builder
Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important vulnerability that could lead to information disclosure.
network
low complexity
adobe CWE-200
7.5
7.5
2016-12-15 CVE-2016-7885 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
network
low complexity
adobe CWE-352
8.8
8.8
2016-12-15 CVE-2016-7881 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7880 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7879 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7878 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7877 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0).
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7876 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality.
network
low complexity
adobe CWE-787
8.8
8.8
2016-12-15 CVE-2016-7875 Integer Overflow or Wraparound vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class.
network
low complexity
adobe CWE-190
8.8
8.8