Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-12-15 CVE-2016-7885 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
network
low complexity
adobe CWE-352
8.8
8.8
2016-12-15 CVE-2016-7881 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7880 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7879 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7878 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class.
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7877 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0).
network
low complexity
adobe CWE-416
8.8
8.8
2016-12-15 CVE-2016-7876 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality.
network
low complexity
adobe CWE-787
8.8
8.8
2016-12-15 CVE-2016-7875 Integer Overflow or Wraparound vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class.
network
low complexity
adobe CWE-190
8.8
8.8
2016-12-15 CVE-2016-7874 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types.
network
low complexity
adobe CWE-787
8.8
8.8
2016-12-15 CVE-2016-7873 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method.
network
low complexity
adobe CWE-787
8.8
8.8