CVE-2016-1010

CVE Database · CVE-2016-1010

CVE-2016-1010

· HIGHAnalyzed

CVSS v3.1

8.8

EPSS

19.79%

Published

Mar 12, 2016

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-05-25 · Due: 2022-06-15

The impacted products are end-of-life and should be disconnected if still in use.

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-190CWE-190

Affected Products (31)

adobe · flash_playervulnerable

apple · mac_os_x

google · chrome_os

linux · linux_kernel

microsoft · windows

adobe · airvulnerable

google · android