6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.5%
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.
lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html
lists.opensuse.org/opensuse-updates/2016-12/msg00112.html
rhn.redhat.com/errata/RHSA-2016-2947.html
www.securityfocus.com/bid/94873
www.securitytracker.com/id/1037442
www.zerodayinitiative.com/advisories/ZDI-16-626
docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154
helpx.adobe.com/security/products/flash-player/apsb16-39.html
security.gentoo.org/glsa/201701-17
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.5%