High severity · 8.8 · NVD Advisory · Published Oct 13, 2016 · Updated May 6, 2026

CVE-2016-6992

Description

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Adobe Flash Player type confusion vulnerability (CVE-2016-6992) allows remote attackers to execute arbitrary code via a crafted Flash file.

Vulnerability

CVE-2016-6992 is an unspecified type confusion vulnerability in Adobe Flash Player. The flaw exists in the software's handling of certain data types, leading to memory corruption. It affects Flash Player versions prior to 18.0.0.382 and versions 19.x through 23.x prior to 23.0.0.185 on Windows and macOS, as well as versions prior to 11.2.202.637 on Linux [1][2]. An attacker can exploit this by tricking a user into opening a maliciously crafted Flash file.

Exploitation

To exploit this vulnerability, an attacker must craft a malicious SWF file that triggers the type confusion when processed by an affected Flash Player version. The attacker would typically host this file on a website or deliver it via email. The victim must then open the file or navigate to the malicious page using a browser with the vulnerable Flash plugin. No prior authentication is required, and the attack can be performed remotely [1].

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the logged-in user. This could lead to complete compromise of the affected system, including installation of programs, viewing, changing, or deleting data, and creating new accounts with full user rights. The impact is high, as Flash Player runs with user-level privileges, and the vulnerability can be chained with other weaknesses to elevate privileges [2].

Mitigation

Adobe released fixed versions on October 13, 2016: 23.0.0.185 and 18.0.0.382 for Windows and OS X, and 11.2.202.637 for Linux [1]. Users should update immediately. For systems where updating is not possible, disabling Flash Player or enabling click-to-play can reduce risk. The vulnerability is not listed in the Known Exploited Vulnerabilities (KEV) catalog as of this writing. Red Hat and Gentoo advisories provide package updates for Linux distributions [1][2].
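One way to check an inventory of installed Flash Player versions against the affected ranges in the description, as an added example that is not part of the advisory or any vendor tooling. The function names, host names and inventory rows are constructed for illustration, and the Linux check uses only the single bound the description gives.

```python
import re

# Fixed-version bounds from the CVE description on this page.
FIXED_18_BRANCH = (18, 0, 0, 382)   # Windows / OS X
FIXED_23_BRANCH = (23, 0, 0, 185)   # Windows / OS X, covers 19.x through 23.x
FIXED_LINUX = (11, 2, 202, 637)     # the only Linux bound the page gives

def parse_version(text):
    """Parse 'a.b.c.d' (dots or commas) into a tuple of four ints."""
    m = re.fullmatch(r"(\d+)[.,](\d+)[.,](\d+)[.,](\d+)", text.strip(), re.ASCII)
    if not m:
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(g) for g in m.groups())

def is_affected(platform, version):
    """True if the version falls in the ranges listed for CVE-2016-6992."""
    v = parse_version(version)
    platform = platform.strip().lower()
    if platform == "linux":
        return v < FIXED_LINUX
    if platform in ("windows", "os x", "macos"):
        # 18.0.0.382 and later 18.x builds are fixed; 19.x-23.x is a separate range.
        return v < FIXED_18_BRANCH or (19, 0, 0, 0) <= v < FIXED_23_BRANCH
    raise ValueError(f"platform not covered by the advisory: {platform!r}")

def triage(rows):
    """Split (host, platform, version) rows into affected hosts and rows to review by hand."""
    affected, review = [], []
    for host, platform, version in rows:
        try:
            if is_affected(platform, version):
                affected.append(host)
        except ValueError:
            review.append(host)  # unknown platform or unparseable version
    return affected, review

# Constructed inventory for illustration only.
SAMPLE_INVENTORY = [
    ("ws-01", "Windows", "23.0.0.162"),
    ("ws-02", "Windows", "23.0.0.185"),
    ("mac-01", "OS X", "18.0.0.375"),
    ("lnx-01", "Linux", "11.2.202.637"),
    ("ws-03", "Windows", "unknown"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

Rows that cannot be parsed are returned for manual review rather than silently treated as unaffected.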

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
