4.3

CVE-2016-4178

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Desktop Runtime Version <= 22.0.0.192
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeFlash Player SwEditionesr Version <= 18.0.0.360
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeFlash Player SwPlatformchrome Version <= 22.0.0.192
   ApplemacOS X Version-
   GoogleChrome Os Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeFlash Player SwPlatformedge Version <= 22.0.0.192
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-
AdobeFlash Player SwPlatforminternet_explorer Version <= 22.0.0.192
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-
AdobeFlash Player Version <= 11.2.202.626
   LinuxLinux Kernel Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.59% 0.81
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

http://www.securitytracker.com/id/1036280
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/91723
Third Party Advisory
Broken Link
VDB Entry