Access of Uninitialized Pointer

CVE-2016-1005

High

8.8/10

Summary

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-824 - Access of Uninitialized Pointer

The program accesses or uses a pointer that has not been initialized.

References

Advisory Timeline

Published Mar 12, 2016

Access of Uninitialized Pointer

CVE-2016-1005

Summary

CWE-824 - Access of Uninitialized Pointer

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS