CVE-2016-7866

CRITICAL

Adobe Animate <= 15.2.1.95 - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-7866. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This is a detailed writeup describing a memory corruption vulnerability in Adobe Animate (CVE-2016-7866) caused by overly long class names in .FLA files, leading to potential arbitrary code execution. It includes reproduction steps and distribution methods but does not contain actual exploit code.

Description

Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

Exploits (1)

exploitdb WRITEUP VERIFIED
by hyp3rlinx · textdoswindows
https://www.exploit-db.com/exploits/40915

This is a detailed writeup describing a memory corruption vulnerability in Adobe Animate (CVE-2016-7866) caused by overly long class names in .FLA files, leading to potential arbitrary code execution. It includes reproduction steps and distribution methods but does not contain actual exploit code.

Classification
Writeup 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Adobe Animate 15.2.1.95 and earlier
No auth needed
Prerequisites: Ability to create and distribute malicious .FLA or .JSFL files
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94872
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40915/
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/animate/apsb16-38.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/539923/100/0/threaded
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Dec/45

Scores

CVSS v3 9.8
EPSS 0.6439
EPSS Percentile 98.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
adobe/animate < 15.2.1.95
n/a/Adobe Animate 15.2.1.95 and earlier Adobe Animate 15.2.1.95 and earlier
Published Dec 15, 2016
Tracked Since Feb 18, 2026