CVE-2019-7096

CRITICAL

Adobe Flash Player <32.0.0.156 - Use After Free

Title source: llm
STIX 2.1

Description

Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

References (2)

Core 2
Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201908-21

Scores

CVSS v3 9.8
EPSS 0.0638
EPSS Percentile 92.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (2)
adobe/flash_player < 32.0.0.156 (3 CPE variants)
adobe/flash_player_desktop_runtime < 32.0.0.156
Published May 23, 2019
Tracked Since Feb 18, 2026