FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt
Adobe Flash Player versions 184.108.40.206 and earlier, 220.127.116.113 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS base score 9.8
CVSS impact score 5.9
CVSS exploitability score 3.9
Ease of Attack:
What To Look For
No public information
No known false positives
Talos research team.
This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
For more information see [nvd].
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2016-7857Adobe Flash Player versions 18.104.22.168 and earlier, 22.214.171.1243 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
||Ease of Access||