Lucene search

[email protected]CVE-2016-1012

HistoryApr 09, 2016 - 1:59 a.m.

CVE-2016-1012

2016-04-0901:59:28

CWE-787

[email protected]

web.nvd.nist.gov

cve-2016-1012

adobe flash player

vulnerability

arbitrary code execution

dos

memory corruption

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.7%

JSON

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.577

AND

linuxlinux_kernelMatch-

Node

adobeflash_player_desktop_runtimeRange≤21.0.0.197

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤18.0.0.333esr

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

microsoftwindows_10Match-

microsoftwindows_8.1Match-

AND

adobeflash_playerRange≤21.0.0.197internet_explorer

Node

adobeflash_playerRange≤21.0.0.197chrome

AND

applemac_os_xMatch-

googlechrome_osMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

microsoftwindows_10Match-

AND

adobeflash_playerRange≤21.0.0.197edge

Node

adobeair_desktop_runtimeRange≤21.0.0.176

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeair_sdkRange≤21.0.0.176

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

Node

adobeair_sdk_\&_compilerRange≤21.0.0.176

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.577

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.577

References

lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html

rhn.redhat.com/errata/RHSA-2016-0610.html

www.securityfocus.com/bid/85932

www.securitytracker.com/id/1035509

docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050

helpx.adobe.com/security/products/flash-player/apsb16-10.html

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.7%

JSON

Related for CVE-2016-1012

cve12 ubuntucve13 cvelist13 prion13 nvd13 nessus9 openvas9 redhat1 kaspersky1 altlinux2 archlinux1 mageia1 freebsd1 suse2 checkpoint_advisories1 mscve1 amazon1