UBUNTU-CVE-2016-1017

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2016-1017
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-1017.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-1017
Upstream
Published
2016-04-09T01:59:00Z
Modified
2025-07-16T08:11:58.948238Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031.

References

Affected packages

Ubuntu:14.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@11.2.202.616ubuntu0.14.04.1?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.2.202.616ubuntu0.14.04.1

Affected versions

11.*
11.2.202.310ubuntu1
11.2.202.327ubuntu0.13.10.1
11.2.202.332ubuntu1
11.2.202.335ubuntu1
11.2.202.336ubuntu1
11.2.202.341ubuntu1
11.2.202.346ubuntu1
11.2.202.350ubuntu1
11.2.202.356ubuntu0.14.04.1
11.2.202.359ubuntu0.14.04.1
11.2.202.378ubuntu0.14.04.1
11.2.202.394ubuntu0.14.04.1
11.2.202.400ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.2
11.2.202.411ubuntu0.14.04.1
11.2.202.418ubuntu0.14.04.1
11.2.202.424ubuntu0.14.04.1
11.2.202.425ubuntu0.14.04.1
11.2.202.429ubuntu0.14.04.1
11.2.202.438ubuntu0.14.04.1
11.2.202.440ubuntu0.14.04.1
11.2.202.442ubuntu0.14.04.1
11.2.202.451ubuntu0.14.04.1
11.2.202.457ubuntu0.14.04.1
11.2.202.460ubuntu0.14.04.1
11.2.202.466ubuntu0.14.04.1
11.2.202.468ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.2
11.2.202.491ubuntu0.14.04.1
11.2.202.508ubuntu0.14.04.1
11.2.202.521ubuntu0.14.04.1
11.2.202.535ubuntu0.14.04.1
11.2.202.540ubuntu0.14.04.2
11.2.202.548ubuntu0.14.04.1
11.2.202.554ubuntu0.14.04.1
11.2.202.559ubuntu0.14.04.1
11.2.202.569ubuntu0.14.04.1
11.2.202.577ubuntu0.14.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "11.2.202.616ubuntu0.14.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "11.2.202.616ubuntu0.14.04.1",
            "binary_name": "flashplugin-installer"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-1017.json"