QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1014

Published: Apr 9, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2016:1305

vendor-advisory

x_refsource_SUSE

http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html

x_refsource_MISC

openSUSE-SU-2016:1306

vendor-advisory

x_refsource_SUSE

20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player

mailing-list

x_refsource_FULLDISC

vendor-advisory

x_refsource_REDHAT

20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_MS

https://helpx.adobe.com/security/products/flash-player/apsb16-10.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.