10
CVE-2016-1019
- EPSS 77.06%
- Published 07.04.2016 10:59:01
- Last modified 12.04.2025 10:46:40
- Source psirt@adobe.com
- Teams watchlist Login
- Open Login
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
Data is provided by the National Vulnerability Database (NVD)
Adobe ≫ Flash Player Desktop Runtime Version <= 21.0.0.197
Adobe ≫ Flash Player SwEditionesr Version <= 18.0.0.333
Adobe ≫ Flash Player SwPlatformchrome Version <= 21.0.0.197
Adobe ≫ Flash Player SwPlatformedge Version <= 21.0.0.197
Adobe ≫ Flash Player SwPlatforminternet_explorer Version <= 21.0.0.197
Adobe ≫ Flash Player Version <= 11.2.202.577
Adobe ≫ Air Desktop Runtime Version <= 21.0.0.176
03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Adobe Flash Player Arbitrary Code Execution Vulnerability
VulnerabilityAdobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
DescriptionThe impacted product is end-of-life and should be disconnected if still in use.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 77.06% | 0.989 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|