9.3

CVE-2016-4136

Exploit

EPSS 40.17%
Published 16.06.2016 14:59:17
Last modified 12.04.2025 10:46:40
Source psirt@adobe.com
Teams watchlist Login
Open Login

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Affected products Warnungen 0 Metrics 3 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Enterprise Linux Desktop Version5.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Server Version5.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Workstation Version5.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Adobe ≫ Flash Player SwPlatformchrome Version <= 21.0.0.242

   Apple ≫ macOS Version-
   Google ≫ Chrome Os Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-

Adobe ≫ Flash Player Desktop Runtime Version <= 21.0.0.242

   Apple ≫ macOS Version-
   Google ≫ Chrome Os Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-

Adobe ≫ Flash Player SwPlatformedge Version <= 21.0.0.242

Microsoft ≫ Windows 10 Version-
Microsoft ≫ Windows 8.1 Version-

Adobe ≫ Flash Player SwPlatforminternet_explorer_11 Version <= 21.0.0.242

Microsoft ≫ Windows 10 Version-
Microsoft ≫ Windows 8.1 Version-

Adobe ≫ Flash Player Version <= 11.2.202.621

Linux ≫ Linux Kernel Version-

Adobe ≫ Flash Player SwEditionesr Version <= 18.0.0.352

Apple ≫ macOS Version-
Microsoft ≫ Windows Version-

Opensuse ≫ Opensuse Version13.1

Opensuse ≫ Opensuse Version13.2

Suse ≫ Linux Enterprise Desktop Version12 Update-

Suse ≫ Linux Enterprise Desktop Version12 Updatesp1

Suse ≫ Linux Enterprise Workstation Extension Version12 Update-

Suse ≫ Linux Enterprise Workstation Extension Version12 Updatesp1

Adobe ≫ Flash Player Version-

   Microsoft ≫ Windows 10 Version-
   Microsoft ≫ Windows 10 Version1511
   Microsoft ≫ Windows 8.1 Version-
   Microsoft ≫ Windows Rt 8.1 Version-
   Microsoft ≫ Windows Server 2012 Version-
   Microsoft ≫ Windows Server 2012 Version- Updater2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	40.17%	0.97

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html

Third Party Advisory

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html

Third Party Advisory

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html

Third Party Advisory

Broken Link

http://www.securitytracker.com/id/1036117

Third Party Advisory

VDB Entry

https://access.redhat.com/errata/RHSA-2016:1238

Third Party Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083

Patch

Third Party Advisory

https://helpx.adobe.com/security/products/flash-player/apsb16-18.html

Vendor Advisory

https://www.exploit-db.com/exploits/40088/

Third Party Advisory

Exploit

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-4136

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-4136

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-4136

EUVD