FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player loadPCMFromByteArray exception null pointer access attempt
Use-after-free vulnerability in Adobe Flash Player before 126.96.36.1999 and 19.x and 20.x before 188.8.131.526 on Windows and OS X and before 184.108.40.2069 on Linux, Adobe AIR before 220.127.116.110, Adobe AIR SDK before 18.104.22.1680, and Adobe AIR SDK & Compiler before 22.214.171.1240 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.
CVSS base score 9.8
CVSS impact score 5.9
CVSS exploitability score 3.9
Ease of Attack:
What To Look For
No public information
No known false positives
Talos research team.
This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
For more information see [nvd].