Candidate: CVE-2016-4174
PublicDate: 2016-07-13 01:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4174
 https://helpx.adobe.com/security/products/flash-player/apsb16-25.html
Description:
 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and
 19.x through 22.x before 22.0.0.209 on Windows and OS X and before
 11.2.202.632 on Linux allows attackers to execute arbitrary code via
 unspecified vectors, a different vulnerability than CVE-2016-4173,
 CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229,
 CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: chriscoulson
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_flashplugin-nonfree:
upstream_flashplugin-nonfree: released (11.2.202.632)
precise_flashplugin-nonfree: released (11.2.202.632ubuntu0.12.04.1)
trusty_flashplugin-nonfree: released (11.2.202.632ubuntu0.14.04.1)
trusty/esm_flashplugin-nonfree: DNE (trusty was released [11.2.202.632ubuntu0.14.04.1])
vivid/ubuntu-core_flashplugin-nonfree: DNE
vivid/stable-phone-overlay_flashplugin-nonfree: DNE
wily_flashplugin-nonfree: released (11.2.202.632ubuntu0.15.10.1)
xenial_flashplugin-nonfree: released (11.2.202.632ubuntu0.16.04.1)
devel_flashplugin-nonfree: released (11.2.202.632ubuntu1)

Patches_adobe-flashplugin:
upstream_adobe-flashplugin: released (11.2.202.632)
precise_adobe-flashplugin: released (1:20160712.1-0ubuntu0.12.04.1)
trusty_adobe-flashplugin: released (1:20160712.1-0ubuntu0.14.04.1)
trusty/esm_adobe-flashplugin: DNE (trusty was released [1:20160712.1-0ubuntu0.14.04.1])
vivid/ubuntu-core_adobe-flashplugin: DNE
vivid/stable-phone-overlay_adobe-flashplugin: DNE
wily_adobe-flashplugin: released (1:20160712.1-0ubuntu0.15.10.1)
xenial_adobe-flashplugin: released (1:20160712.1-0ubuntu0.16.04.1)
devel_adobe-flashplugin: released (1:20160712.1-0ubuntu1)