10

CVE-2016-4171

Warnung
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Version <= 11.2.202.621
   LinuxLinux Kernel Version-
AdobeFlash Player Version <= 21.0.0.242
   ApplemacOS X
   ApplemacOS
   MicrosoftWindows
AdobeFlash Player SwPlatformchrome Version <= 21.0.0.242
   ApplemacOS X
   ApplemacOS
   GoogleChrome Os
   LinuxLinux Kernel
   MicrosoftWindows
AdobeFlash Player SwPlatforminternet_explorer Version <= 21.0.0.242
AdobeFlash Player SwEditionesr Version <= 18.0.0.352
   ApplemacOS X
   ApplemacOS
   MicrosoftWindows
AdobeFlash Player SwPlatformedge Version <= 21.0.0.242
AdobeFlash Player SwPlatforminternet_explorer Version <= 21.0.0.242
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
SuseLinux Enterprise Desktop Version12 Update-
SuseLinux Enterprise Desktop Version12 Updatesp1

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Adobe Flash Player Remote Code Execution Vulnerability

Schwachstelle

Unspecified vulnerability in Adobe Flash Player allows for remote code execution.

Beschreibung

The impacted product is end-of-life and should be disconnected if still in use.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 19.9% 0.971
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://security.gentoo.org/glsa/201606-08
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html
Third Party Advisory
Mailing List
https://access.redhat.com/errata/RHSA-2016:1238
Third Party Advisory
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
Vendor Advisory
http://www.securityfocus.com/bid/91184
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036094
Third Party Advisory
VDB Entry
https://helpx.adobe.com/security/products/flash-player/apsa16-03.html
Vendor Advisory
https://www.kb.cert.org/vuls/id/748992
Third Party Advisory
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-4171
US Government Resource
https://github.com/cisagov/vulnrichment/issues/196
Issue Tracking