CVE-2016-1106
published 2016-05-11


Priority: P262 · high · 7.5 (CVSS 3.0)
Vector: AV:N / AC:H / PR:N / UI:R / S:U / C:H / I:H / A:H
EXPLOIT
EPSS: 37.21% (98.3th percentile)
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

Affected

11 ranges
Vendor      Product                         Version range      Fixed in
adobe       air_desktop_runtime             <= 21.0.0.198
adobe       air_sdk                         <= 21.0.0.198
adobe       air_sdk_compiler                <= 21.0.0.198
adobe       flash_player                    <= 21.0.0.213
adobe       flash_player                    <= 21.0.0.241
adobe       flash_player                    <= 18.0.0.343
adobe       flash_player                    <= 11.2.202.616
adobe       flash_player                    <= 21.0.0.216
adobe       flash_player_desktop_runtime    <= 21.0.0.226
microsoft   internet_explorer
microsoft   internet_explorer

Detection & IOCs (extracted from sources)

url: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39831.zip
  • Look for ActionScript calls to ASSetNative combined with a watch() callback that removes the watched MovieClip — this is the trigger pattern for the SetNative use-after-free exploit.
  • Detect SWF files that invoke ASSetNative with class ID 106 alongside a watch() on the same object as a suspicious indicator of CVE-2016-1106 exploitation attempts.
  • The vulnerability is described as 'unspecified' with 'unknown impact and attack vectors' in the NVD entry; full technical details beyond the PoC are not publicly disclosed.
  • The PoC exploit targets Adobe Flash Player 21.0.0.213 and earlier; the vulnerability is specifically exercised via the SetNative/ASSetNative ActionScript API with a watch callback that frees the object mid-operation.

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.0      7.5     HIGH       CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd             v2.0      7.6     HIGH       AV:N/AC:H/Au:N/C:C/I:C/A:C
osv                       7.5     HIGH
vendor_redhat             7.5     HIGH