10
CVE-2016-1019
- EPSS 22.49%
- Veröffentlicht 07.04.2016 10:59:01
- Zuletzt bearbeitet 21.04.2026 21:08:11
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Desktop Runtime Version <= 21.0.0.197
Adobe ≫ Flash Player SwEditionesr Version <= 18.0.0.333
Adobe ≫ Flash Player SwPlatformchrome Version <= 21.0.0.197
Adobe ≫ Flash Player SwPlatformedge Version <= 21.0.0.197
Adobe ≫ Flash Player SwPlatforminternet_explorer Version <= 21.0.0.197
Adobe ≫ Flash Player Version <= 11.2.202.577
Adobe ≫ Air Desktop Runtime Version <= 21.0.0.176
03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Adobe Flash Player Arbitrary Code Execution Vulnerability
SchwachstelleAdobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
BeschreibungThe impacted product is end-of-life and should be disconnected if still in use.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 22.49% | 0.974 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
http://blogs.adobe.com/psirt/?p=1330
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
http://rhn.redhat.com/errata/RHSA-2016-0610.html
http://www.securityfocus.com/bid/85856
http://www.securitytracker.com/id/1035491
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050
https://helpx.adobe.com/security/products/flash-player/apsa16-01.html
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
https://security.gentoo.org/glsa/201606-08
https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-1019
https://github.com/cisagov/vulnrichment/issues/196