9.3

CVE-2016-4122

EPSS 2.18%
Published 16.06.2016 14:59:02
Last modified 12.04.2025 10:46:40
Source psirt@adobe.com
Teams watchlist Login
Open Login

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Affected products Warnungen 0 Metrics 3 CWE 1 References 10

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Enterprise Linux Desktop Version5.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Server Version5.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Workstation Version5.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Adobe ≫ Flash Player Desktop Runtime Version <= 21.0.0.242

Apple ≫ macOS X Version-
Microsoft ≫ Windows Version-

Adobe ≫ Flash Player Version <= 11.2.202.621

Linux ≫ Linux Kernel Version-

Adobe ≫ Flash Player SwEditionesr Version <= 18.0.0.352

Apple ≫ macOS X Version-
Microsoft ≫ Windows Version-

Adobe ≫ Flash Player SwPlatformedge Version <= 21.0.0.242

Microsoft ≫ Windows 10 Version-
Microsoft ≫ Windows 8.1 Version-

Adobe ≫ Flash Player SwPlatforminternet_explorer Version <= 21.0.0.242

Microsoft ≫ Windows 10 Version-
Microsoft ≫ Windows 8.1 Version-

Adobe ≫ Flash Player SwPlatformchrome Version <= 21.0.0.242

   Apple ≫ macOS X Version-
   Google ≫ Chrome Os Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-

Opensuse ≫ Opensuse Version13.1

Opensuse ≫ Opensuse Version13.2

Suse ≫ Linux Enterprise Desktop Version12 Update-

Suse ≫ Linux Enterprise Desktop Version12 Updatesp1

Suse ≫ Linux Enterprise Workstation Extension Version12 Update-

Suse ≫ Linux Enterprise Workstation Extension Version12 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.18%	0.837

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html

Third Party Advisory

Broken Link

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html

Third Party Advisory

Broken Link

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html

Third Party Advisory

Broken Link

Mailing List

http://www.securitytracker.com/id/1036117

Third Party Advisory

Broken Link

VDB Entry

https://access.redhat.com/errata/RHSA-2016:1238

Third Party Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083

Patch

Third Party Advisory

https://helpx.adobe.com/security/products/flash-player/apsb16-18.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-4122

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-4122

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-4122

EUVD