10

CVE-2016-4117

Warnung
Exploit
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Version <= 21.0.0.226
OpensuseEvergreen Version11.4
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
SuseLinux Enterprise Desktop Version12 Update-
SuseLinux Enterprise Desktop Version12 Updatesp1

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Adobe Flash Player Arbitrary Code Execution Vulnerability

Schwachstelle

An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.

Beschreibung

The impacted product is end-of-life and should be disconnected if still in use.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 94.35% 0.998
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
Third Party Advisory
Mailing List
https://security.gentoo.org/glsa/201606-08
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00046.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00047.html
Third Party Advisory
Mailing List
http://rhn.redhat.com/errata/RHSA-2016-1079.html
Third Party Advisory
http://www.securityfocus.com/bid/90505
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id/1035826
Third Party Advisory
Broken Link
VDB Entry
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
Vendor Advisory
Broken Link
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
Broken Link
https://www.exploit-db.com/exploits/46339/
Third Party Advisory
Exploit
VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-4117
US Government Resource
https://github.com/cisagov/vulnrichment/issues/196
Issue Tracking