Lucene search

AdobeCVE-2016-4120

HistoryJun 16, 2016 - 2:59 p.m.

CVE-2016-4120

2016-06-1614:59:00

CWE-119

adobe

web.nvd.nist.gov

cve-2016-4120

adobe flash player

arbitrary code execution

denial of service

memory corruption

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.2

Confidence

High

EPSS

0.948

Percentile

99.3%

JSON

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.

Affected configurations

Nvd

Node

microsoftwindows_10Match-

microsoftwindows_8.1Match-

AND

adobeflash_playerRange≤21.0.0.241edge

adobeflash_playerRange≤21.0.0.241internet_explorer

Node

adobeflash_playerRange≤18.0.0.343esr

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeair_sdk_\&_compilerRange≤21.0.0.198

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

Node

adobeair_sdkRange≤21.0.0.198

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤11.2.202.616

AND

linuxlinux_kernelMatch-

Node

adobeflash_playerRange≤21.0.0.216chrome

AND

applemac_os_xMatch-

googlechrome_osMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

adobeflash_player_desktop_runtimeRange≤21.0.0.226

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

applemac_os_xMatch-

microsoftwindowsMatch-

AND

adobeair_desktop_runtimeRange≤21.0.0.198

VendorProductVersionCPE
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
microsoftwindows_8.1-cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*
applemac_os_x-cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
adobeair_sdk_\&_compiler*cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_10	-	cpe:2.3:o:microsoft:windows_10:-:::::::*
microsoft	windows_8.1	-	cpe:2.3:o:microsoft:windows_8.1:-:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::edge::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::internet_explorer::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player:::::esr:::*
apple	mac_os_x	-	cpe:2.3:o:apple:mac_os_x:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
adobe	air_sdk_\&_compiler	*	cpe:2.3:a:adobe:air_sdk_\&_compiler::::::::
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*