Search criteria
218 vulnerabilities found for Flash Player Desktop Runtime by Adobe
VAR-201507-0105
Vulnerability from variot - Updated: 2024-04-19 22:16Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015. Adobe Flash Player Use freed memory (use-after-free) Vulnerabilities exist. Adobe Flash Player Is ActionScript 3 of opaqueBackground Freed memory used due to processing (use-after-free) Vulnerabilities exist. It is possible to destroy memory by exploiting this vulnerability. Note that this vulnerability Proof-of-Concept The code has been released. opaqueBackground http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/display/DisplayObject.html#opaqueBackground In addition, National Vulnerability Database (NVD) Then CWE-416 It is published as CWE-416: Use After Free http://cwe.mitre.org/data/definitions/416.htmlThe user who uses the product has been crafted Flash Accessed or crafted websites containing content Microsoft Office Opening a document may lead to arbitrary code execution on the user's web browser. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. (widely exploited in July 2015).
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.508"
References
[ 1 ] CVE-2015-3107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107 [ 2 ] CVE-2015-5122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122 [ 3 ] CVE-2015-5123 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123 [ 4 ] CVE-2015-5124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124 [ 5 ] CVE-2015-5125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125 [ 6 ] CVE-2015-5127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127 [ 7 ] CVE-2015-5129 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129 [ 8 ] CVE-2015-5130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130 [ 9 ] CVE-2015-5131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131 [ 10 ] CVE-2015-5132 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132 [ 11 ] CVE-2015-5133 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133 [ 12 ] CVE-2015-5134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134 [ 13 ] CVE-2015-5539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539 [ 14 ] CVE-2015-5540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540 [ 15 ] CVE-2015-5541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541 [ 16 ] CVE-2015-5544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544 [ 17 ] CVE-2015-5545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545 [ 18 ] CVE-2015-5546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546 [ 19 ] CVE-2015-5547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547 [ 20 ] CVE-2015-5548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548 [ 21 ] CVE-2015-5549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549 [ 22 ] CVE-2015-5550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550 [ 23 ] CVE-2015-5551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551 [ 24 ] CVE-2015-5552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552 [ 25 ] CVE-2015-5553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553 [ 26 ] CVE-2015-5554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554 [ 27 ] CVE-2015-5555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555 [ 28 ] CVE-2015-5556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556 [ 29 ] CVE-2015-5557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557 [ 30 ] CVE-2015-5558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558 [ 31 ] CVE-2015-5559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559 [ 32 ] CVE-2015-5560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560 [ 33 ] CVE-2015-5561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561 [ 34 ] CVE-2015-5562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562 [ 35 ] CVE-2015-5563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563 [ 36 ] CVE-2015-5564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564 [ 37 ] CVE-2015-5965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201508-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:1235-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1235.html Issue date: 2015-07-16 CVE Names: CVE-2015-5122 CVE-2015-5123 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-18 listed in the References section.
Two flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1242216 - CVE-2015-5122 CVE-2015-5123 flash-plugin: two code execution issues in APSA15-04 / APSB15-18
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.491-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.491-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.491-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.491-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
x86_64: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
x86_64: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
x86_64: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-5122 https://access.redhat.com/security/cve/CVE-2015-5123 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-18.html https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVp+WCXlSAg2UNWIIRAsPvAKC4jqtQIpeXv33Wj/vKMotQ4sdPZwCgibDD MzLG3LQTopnph72hflS2aDE= =XzfT -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04796784
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04796784 Version: 1
HPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service, Unauthorized Access to Data
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-09-14 Last Updated: 2015-09-14
Potential Security Impact: Remote Denial of Service (DoS), Unauthorized Access to Data
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY HP has released updates to the HP ThinPro and HP Smart Zero Core operating systems to address two vulnerabilities found in Adobe Flash Player versions v11.x through v11.2.202.481 on Linux.
References:
CVE-2015-5122 CVE-2015-5123 SSRT102253
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Smart Zero Core v4.4 HP Smart Zero Core v5.0 HP Smart Zero Core v5.1 HP Smart Zero Core v5.2 HP ThinPro v4.4 HP ThinPro v5.0 HP ThinPro v5.1 HP ThinPro v5.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released updates to the HP ThinPro and HP Smart Zero Core operating systems to address these Adobe Flash Player vulnerabilities.
HP ThinPro 4.4 and HP Smart Zero Core 4.4 http://ftp.hp.com/pub/tcdebian/upda tes/4.4/service_packs/flash11.2.202.491-4.4-5.2-x86.xar HP ThinPro 5.0 and HP Smart Zero Core 5.0 http://ftp.hp.com/pub/tcdebian/upda tes/5.0/service_packs/flash11.2.202.491-4.4-5.2-x86.xar HP ThinPro 5.1 and HP Smart Zero Core 5.1 http://ftp.hp.com/pub/tcdebian/upda tes/5.1/service_packs/flash11.2.202.491-4.4-5.2-x86.xar HP ThinPro 5.2 and HP Smart Zero Core 5.2 ( http://ftp.hp.com/pub/tcdebian/up dates/5.2/service_packs/flash11.2.202.491-4.4-5.2-x86.xar
HISTORY Version:1 (rev.1) - 14 September 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. The vulnerabilities could be exploited remotely resulting in execution of code or Denial of Service (DoS).
- iMC PLAT prior to 7.1 E0303P16
- iMC SHM prior to 7.1 E0301P05
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HPE has provided the following software updates to resolve the vulnerabilities in iMC SHM and iMC PLAT.
-
iMC SHM 7.1 E0301P05 or later for the following Products/SKUs:
-
JG398A HP IMC Service Health Manager Software Module License
-
JG398AAE HP IMC Service Health Manager Software Module E-LTU
-
iMC PLAT 7.1 E0303P16 or later for the following Products/SKUs:
-
JD125A HP IMC Std S/W Platform w/100-node
- JD126A HP IMC Ent S/W Platform w/100-node
- JD808A HP IMC Ent Platform w/100-node License
- JD814A HP A-IMC Enterprise Edition Software DVD Media
- JD815A HP IMC Std Platform w/100-node License
- JD816A HP A-IMC Standard Edition Software DVD Media
- JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
- JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
- JF377A HP IMC Std S/W Platform w/100-node Lic
- JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
- JF378A HP IMC Ent S/W Platform w/200-node Lic
- JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
- JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
- JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU
- JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU
- JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU
- JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU
- JG659AAE HP IMC Smart Connect VAE E-LTU
- JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU
- JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
- JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
- JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU
- JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU
- JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU
HISTORY Version:1 (rev.1) - 28 January 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201507-0105",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.468"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.451"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.442"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.440"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.438"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.429"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.424"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.2,
"vendor": "adobe",
"version": "11.2.202.411"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.204"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.203"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.203"
},
{
"model": "evergreen",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "13.0.0.302"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "flash player desktop runtime",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "13.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.481"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "18.0.0.204"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.0 from 18.0.0.204"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.6,
"vendor": "suse",
"version": "11.4"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "16.0235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "14.0179"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "14.0177"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "14.0176"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0259"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0252"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0214"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0182"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "12.070"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700275"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700232"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700169"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.6.602105"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502131"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502124"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502118"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.50080"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.4.400231"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300271"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300270"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300268"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300265"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300257"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300250"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300231"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300214"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.20295"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202425"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202418"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202400"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202359"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202350"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202346"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202341"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202297"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202238"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202236"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202221"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202197"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202160"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.11569"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.11554"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.11164"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.11150"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.198"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.160"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1129"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.194"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.161"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.160"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.143"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.0.0.188"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.0.0.169"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.0.0.134"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "16.0.0.305"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "16.0.0.296"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "16.0.0.291"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "16.0.0.287"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "16.0.0.257"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "16.0.0.234"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.0.0.246"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.0.0.242"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.0.0.239"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.0.0.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.0.0.189"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.0.0.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "14.0.0.145"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "14.0.0.125"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.296"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.292"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.289"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.281"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.277"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.269"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.264"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.258"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.250"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.244"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.231"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.206"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "13.0.0.201"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "12.0.0.77"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "12.0.0.44"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "12.0.0.43"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "12.0.0.41"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "12.0.0.38"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.9.900.170"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.9.900.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.9.900.117"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.8.800.97"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.8.800.94"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.8.800.170"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.8.800.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.279"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.272"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.269"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.257"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.252"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.242"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.225"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.224"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.203"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.7.700.202"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.6.602.180"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.6.602.171"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502.149"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502.146"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502.136"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502.135"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.4.402.287"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.4.402.278"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.4.402.265"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.378.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.31.230"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.3.300.273"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.466"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.460"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.457"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.406"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.394"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.378"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.356"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.336"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.335"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.332"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.327"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.310"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.291"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.285"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.275"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.273"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.258"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.243"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.238"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.229"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.81"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.59"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.58"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.48"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.73"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.54"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.44"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.62"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.59"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.55"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1.153"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.186.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.186.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.86"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.75"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.68"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.67"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.50"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.48"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.29"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.19"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.52.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.106.17"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.2.54"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.425"
},
{
"model": "rhel supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "rhel desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server supplementary eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "11"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "10"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0356"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0178"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.083"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0111"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0.0.1390"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.9.0.1380"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.144"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.143"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "17.0.0.172"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "17.0.0.144"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0.0.272"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.302"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.249"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0.0.179"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0.0.137"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0.0.110"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.7.0.16600"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.7.0.15300"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0356"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0179"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0178"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.083"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0111"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.01628"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.01390"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.71860"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.71660"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.71530"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.33610"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0.0.1390"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.9.0.1380"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.9.0.1210"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.9.0.1060"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.8.0.910"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.8.0.870"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.8.0.1430"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.7.0.2100"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.7.0.2090"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.6.0.6090"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.0.880"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.0.1060"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.3.0.3690"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.3.0.3670"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2080"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.207"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1.0.485"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0.0.4080"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0.0.408"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.19610"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.0.19530"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.0.1953"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.0.19480"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.0.1948"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.0.19140"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.0.19120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1.17730"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.0.16600"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3.13070"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.144"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.143"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "17.0.0.172"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "17.0.0.144"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0.0.272"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0.0.245"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.293"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.252"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.249"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0.0.137"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0.0.110"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1.8210"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.1.0.5790"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.01"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0.8.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.204"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.203"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.302"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.481"
},
{
"model": "air sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.180"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.180"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "insight orchestration",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"model": "version control agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "imc plat",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "thinpro",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.4"
},
{
"model": "imc plat e0303p16",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "thinpro",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "smart zero core",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.302"
},
{
"model": "imc plat e0303p06",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "imc shm e0301p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "18.0.0.203"
},
{
"model": "thinpro",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"model": "smart zero core",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"model": "imc shm",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "thinpro",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "smart zero core",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "smart zero core",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.481"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
}
],
"sources": [
{
"db": "BID",
"id": "75568"
},
{
"db": "BID",
"id": "75712"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-357"
},
{
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.0.302",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.203",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.203",
"versionStartIncluding": "18.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.204",
"versionStartIncluding": "18.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_10:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.203",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.203",
"versionStartIncluding": "18.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.481",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google Project Zero and Morgan Marquis-Boire",
"sources": [
{
"db": "BID",
"id": "75568"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5122",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-5122",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-83083",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-5122",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-357",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-83083",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-5122",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83083"
},
{
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-357"
},
{
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015. Adobe Flash Player Use freed memory (use-after-free) Vulnerabilities exist. Adobe Flash Player Is ActionScript 3 of opaqueBackground Freed memory used due to processing (use-after-free) Vulnerabilities exist. It is possible to destroy memory by exploiting this vulnerability. Note that this vulnerability Proof-of-Concept The code has been released. opaqueBackground http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/display/DisplayObject.html#opaqueBackground In addition, National Vulnerability Database (NVD) Then CWE-416 It is published as CWE-416: Use After Free http://cwe.mitre.org/data/definitions/416.htmlThe user who uses the product has been crafted Flash Accessed or crafted websites containing content Microsoft Office Opening a document may lead to arbitrary code execution on the user\u0027s web browser. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. (widely exploited in July 2015). \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.508\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-3107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107\n[ 2 ] CVE-2015-5122\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122\n[ 3 ] CVE-2015-5123\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123\n[ 4 ] CVE-2015-5124\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124\n[ 5 ] CVE-2015-5125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125\n[ 6 ] CVE-2015-5127\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127\n[ 7 ] CVE-2015-5129\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129\n[ 8 ] CVE-2015-5130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130\n[ 9 ] CVE-2015-5131\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131\n[ 10 ] CVE-2015-5132\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132\n[ 11 ] CVE-2015-5133\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133\n[ 12 ] CVE-2015-5134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134\n[ 13 ] CVE-2015-5539\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539\n[ 14 ] CVE-2015-5540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540\n[ 15 ] CVE-2015-5541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541\n[ 16 ] CVE-2015-5544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544\n[ 17 ] CVE-2015-5545\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545\n[ 18 ] CVE-2015-5546\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546\n[ 19 ] CVE-2015-5547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547\n[ 20 ] CVE-2015-5548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548\n[ 21 ] CVE-2015-5549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549\n[ 22 ] CVE-2015-5550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550\n[ 23 ] CVE-2015-5551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551\n[ 24 ] CVE-2015-5552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552\n[ 25 ] CVE-2015-5553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553\n[ 26 ] CVE-2015-5554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554\n[ 27 ] CVE-2015-5555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555\n[ 28 ] CVE-2015-5556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556\n[ 29 ] CVE-2015-5557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557\n[ 30 ] CVE-2015-5558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558\n[ 31 ] CVE-2015-5559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559\n[ 32 ] CVE-2015-5560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560\n[ 33 ] CVE-2015-5561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561\n[ 34 ] CVE-2015-5562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562\n[ 35 ] CVE-2015-5563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563\n[ 36 ] CVE-2015-5564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564\n[ 37 ] CVE-2015-5965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201508-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2015:1235-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1235.html\nIssue date: 2015-07-16\nCVE Names: CVE-2015-5122 CVE-2015-5123 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes two security issues is now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security Bulletin APSB15-18\nlisted in the References section. \n\nTwo flaws were found in the way flash-plugin displayed certain SWF content. \nAn attacker could use these flaws to create a specially crafted SWF file\nthat would cause flash-plugin to crash or, potentially, execute arbitrary\ncode when the victim loaded a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1242216 - CVE-2015-5122 CVE-2015-5123 flash-plugin: two code execution issues in APSA15-04 / APSB15-18\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-5122\nhttps://access.redhat.com/security/cve/CVE-2015-5123\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-18.html\nhttps://helpx.adobe.com/security/products/flash-player/apsa15-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVp+WCXlSAg2UNWIIRAsPvAKC4jqtQIpeXv33Wj/vKMotQ4sdPZwCgibDD\nMzLG3LQTopnph72hflS2aDE=\n=XzfT\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04796784\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04796784\nVersion: 1\n\nHPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service,\nUnauthorized Access to Data\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-09-14\nLast Updated: 2015-09-14\n\nPotential Security Impact: Remote Denial of Service (DoS), Unauthorized\nAccess to Data\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nHP has released updates to the HP ThinPro and HP Smart Zero Core operating\nsystems to address two vulnerabilities found in Adobe Flash Player versions\nv11.x through v11.2.202.481 on Linux. \n\nReferences:\n\nCVE-2015-5122\nCVE-2015-5123\nSSRT102253\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP Smart Zero Core v4.4\nHP Smart Zero Core v5.0\nHP Smart Zero Core v5.1\nHP Smart Zero Core v5.2\nHP ThinPro v4.4\nHP ThinPro v5.0\nHP ThinPro v5.1\nHP ThinPro v5.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released updates to the HP ThinPro and HP Smart Zero Core operating\nsystems to address these Adobe Flash Player vulnerabilities. \n\nHP ThinPro 4.4 and HP Smart Zero Core 4.4 http://ftp.hp.com/pub/tcdebian/upda\ntes/4.4/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\nHP ThinPro 5.0 and HP Smart Zero Core 5.0 http://ftp.hp.com/pub/tcdebian/upda\ntes/5.0/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\nHP ThinPro 5.1 and HP Smart Zero Core 5.1 http://ftp.hp.com/pub/tcdebian/upda\ntes/5.1/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\nHP ThinPro 5.2 and HP Smart Zero Core 5.2 ( http://ftp.hp.com/pub/tcdebian/up\ndates/5.2/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\n\nHISTORY\nVersion:1 (rev.1) - 14 September 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. The vulnerabilities could\nbe exploited remotely resulting in execution of code or Denial of Service\n(DoS). \n\n - iMC PLAT prior to 7.1 E0303P16\n - iMC SHM prior to 7.1 E0301P05\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHPE has provided the following software updates to resolve the\nvulnerabilities in iMC SHM and iMC PLAT. \n\n+ iMC SHM 7.1 E0301P05 or later for the following Products/SKUs:\n\n - JG398A HP IMC Service Health Manager Software Module License\n - JG398AAE HP IMC Service Health Manager Software Module E-LTU\n\n+ iMC PLAT 7.1 E0303P16 or later for the following Products/SKUs:\n\n - JD125A HP IMC Std S/W Platform w/100-node\n - JD126A HP IMC Ent S/W Platform w/100-node\n - JD808A HP IMC Ent Platform w/100-node License\n - JD814A HP A-IMC Enterprise Edition Software DVD Media\n - JD815A HP IMC Std Platform w/100-node License\n - JD816A HP A-IMC Standard Edition Software DVD Media\n - JF288AAE HP Network Director to Intelligent Management Center Upgrade\nE-LTU\n - JF289AAE HP Enterprise Management System to Intelligent Management\nCenter Upgrade E-LTU\n - JF377A HP IMC Std S/W Platform w/100-node Lic\n - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU\n - JF378A HP IMC Ent S/W Platform w/200-node Lic\n - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU\n - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU\n - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\n - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\n - JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU\n - JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\n - JG659AAE HP IMC Smart Connect VAE E-LTU\n - JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU\n - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU\n - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU\n - JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU\n - JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU\n - JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\n\nHISTORY\nVersion:1 (rev.1) - 28 January 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5122"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"db": "BID",
"id": "75568"
},
{
"db": "BID",
"id": "75712"
},
{
"db": "VULHUB",
"id": "VHN-83083"
},
{
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "PACKETSTORM",
"id": "135499"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-83083",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=37599",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83083"
},
{
"db": "VULMON",
"id": "CVE-2015-5122"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5122",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#338736",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA15-195A",
"trust": 2.6
},
{
"db": "BID",
"id": "75712",
"trust": 2.1
},
{
"db": "PACKETSTORM",
"id": "132663",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "37599",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1032890",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU93769860",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201507-357",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "VU#561288",
"trust": 0.3
},
{
"db": "BID",
"id": "75568",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "133562",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132713",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-83083",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-5122",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133099",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135499",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83083"
},
{
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"db": "BID",
"id": "75568"
},
{
"db": "BID",
"id": "75712"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "PACKETSTORM",
"id": "135499"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-357"
},
{
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"id": "VAR-201507-0105",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83083"
}
],
"trust": 0.01
},
"last_update_date": "2024-04-19T22:16:04.240000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Flash Player \u3092\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u65b9\u6cd5",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/flash-player/kb/230810.html"
},
{
"title": "DisplayObject - AS3 (opaqueBackground)",
"trust": 0.8,
"url": "http://help.adobe.com/en_us/flashplatform/reference/actionscript/3/flash/display/displayobject.html#opaquebackground"
},
{
"title": "APSA15-04",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html"
},
{
"title": "APSB15-18",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html"
},
{
"title": "APSA15-04",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsa15-04.html"
},
{
"title": "APSB15-18",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb15-18.html"
},
{
"title": "RHSA-2015:1235",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2015-1235.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150716f.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/01/28/angler_exploit_kit_now_hooking_execs_with_xmas_flash_hole/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/01/11/exploit_kits_throw_flash_bash_party_invites_crypt0l0cker_spam_bots/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/21/the_roots_go_deep_kill_adobe_flash_kill_it_everywhere_bod_says/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/16/mozilla_unblocks_flash_firefox/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/14/adobe_flash_patch_tuesday/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/14/firefox_blocks_flash/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/12/adobe_flash_zero_day_cve_2015_5122/"
},
{
"title": "Red Hat: CVE-2015-5122",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-5122"
},
{
"title": "Adobe-Flash-Exploits_17-18",
"trust": 0.1,
"url": "https://github.com/xattam1/adobe-flash-exploits_cve-2015-3090_cve-2015-3105_cve-2015-5119_cve-2015-5122 "
},
{
"title": "Adobe-Flash-Exploits_17-18",
"trust": 0.1,
"url": "https://github.com/xattam1/adobe-flash-exploits_17-18 "
},
{
"title": "APTnotes",
"trust": 0.1,
"url": "https://github.com/s0wr0b1ndef/aptnotes "
},
{
"title": "APTnotes",
"trust": 0.1,
"url": "https://github.com/kbandla/aptnotes "
},
{
"title": "AOT",
"trust": 0.1,
"url": "https://github.com/cone4/aot "
},
{
"title": "APT_CyberCriminal_Campagin_Collections",
"trust": 0.1,
"url": "https://github.com/denmilu/apt_cybercriminal_campagin_collections "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/usa-is-the-top-country-for-hosting-malicious-domains-according-to-report/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/updated-rig-exploit-kit-closing-in-on-1-million-victims/114108/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/new-campaign-targeting-japanese-with-hackingteam-zero-day/113848/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/flash-player-update-patches-two-hacking-team-zero-days/113776/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/07/14/adobe_response_to_security_holes/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/hacking-team-promises-to-rebuild-controversial-surveillance-software/113743/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/338736"
},
{
"trust": 2.6,
"url": "http://www.us-cert.gov/ncas/alerts/ta15-195a"
},
{
"trust": 2.2,
"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html"
},
{
"trust": 2.1,
"url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/75712"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/37599/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201508-01"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1235.html"
},
{
"trust": 1.8,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04952467"
},
{
"trust": 1.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04796784"
},
{
"trust": 1.8,
"url": "http://packetstormsecurity.com/files/132663/adobe-flash-opaquebackground-use-after-free.html"
},
{
"trust": 1.8,
"url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf"
},
{
"trust": 1.8,
"url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/"
},
{
"trust": 1.8,
"url": "https://perception-point.io/new/breaking-cfi.php"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1032890"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5122"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20150713-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150024.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150020.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta97243368/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93769860/index.html"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5122"
},
{
"trust": 0.8,
"url": "http://www.howtogeek.com/188059/how-to-enable-click-to-play-plugins-in-every-web-browser/"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=16617"
},
{
"trust": 0.6,
"url": "https://www.adobe.com/software/flash/about/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5122"
},
{
"trust": 0.3,
"url": "http://malware.dontneedcoffee.com/2015/07/hackingteam-flash-0d-cve-2015-xxxx-and.html"
},
{
"trust": 0.3,
"url": "https://twitter.com/w3bd3vil/status/618168863708962816"
},
{
"trust": 0.3,
"url": "https://github.com/rapid7/metasploit-framework/tree/master/data/exploits/cve-2015-5122"
},
{
"trust": 0.3,
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/"
},
{
"trust": 0.3,
"url": "https://technet.microsoft.com/library/security/2755801"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-03.html"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/561288"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04796784"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04952467"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5123"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5122"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144050155601375\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/updated-rig-exploit-kit-closing-in-on-1-million-victims/114108/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5134"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5131"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5123"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5132"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5125"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5545"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5131"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5133"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5124"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5129"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5544"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5539"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5122"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5133"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5546"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5562"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5127"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5132"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5547"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5556"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5127"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5539"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5124"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5545"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5546"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5559"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5555"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5549"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-5123"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/up"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/upda"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3113"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83083"
},
{
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"db": "BID",
"id": "75568"
},
{
"db": "BID",
"id": "75712"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "PACKETSTORM",
"id": "135499"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-357"
},
{
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-83083"
},
{
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"db": "BID",
"id": "75568"
},
{
"db": "BID",
"id": "75712"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "PACKETSTORM",
"id": "135499"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-357"
},
{
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-14T00:00:00",
"db": "VULHUB",
"id": "VHN-83083"
},
{
"date": "2015-07-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"date": "2015-07-07T00:00:00",
"db": "BID",
"id": "75568"
},
{
"date": "2015-07-13T00:00:00",
"db": "BID",
"id": "75712"
},
{
"date": "2015-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"date": "2015-08-17T15:41:19",
"db": "PACKETSTORM",
"id": "133099"
},
{
"date": "2015-07-16T19:04:43",
"db": "PACKETSTORM",
"id": "132713"
},
{
"date": "2015-09-17T03:26:49",
"db": "PACKETSTORM",
"id": "133562"
},
{
"date": "2016-01-29T14:06:11",
"db": "PACKETSTORM",
"id": "135499"
},
{
"date": "2015-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-357"
},
{
"date": "2015-07-14T10:59:00.213000",
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83083"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5122"
},
{
"date": "2017-10-04T21:01:00",
"db": "BID",
"id": "75568"
},
{
"date": "2017-10-04T21:01:00",
"db": "BID",
"id": "75712"
},
{
"date": "2015-09-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003533"
},
{
"date": "2019-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-357"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-5122"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-357"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player (opaqueBackground) Freed memory used (use-after-free) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003533"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "75568"
},
{
"db": "BID",
"id": "75712"
}
],
"trust": 0.6
}
}
VAR-201507-0106
Vulnerability from variot - Updated: 2024-04-19 20:31Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015. Adobe Flash Player Use freed memory (use-after-free) Vulnerabilities exist. Adobe Flash Player Is ActionScript 3 of BitmapData Freed memory used due to processing (use-after-free) Vulnerabilities exist. It is possible to destroy memory by exploiting this vulnerability. Note that this vulnerability Proof-of-Concept The code has been released. BitmapData http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/display/BitmapData.html In addition, National Vulnerability Database (NVD) Then CWE-416 It is published as CWE-416: Use After Free http://cwe.mitre.org/data/definitions/416.htmlThe user who uses the product has been crafted Flash Accessed or crafted websites containing content Microsoft Office Opening a document may lead to arbitrary code execution on the user's web browser. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. (widely exploited in July 2015).
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.508"
References
[ 1 ] CVE-2015-3107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107 [ 2 ] CVE-2015-5122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122 [ 3 ] CVE-2015-5123 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123 [ 4 ] CVE-2015-5124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124 [ 5 ] CVE-2015-5125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125 [ 6 ] CVE-2015-5127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127 [ 7 ] CVE-2015-5129 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129 [ 8 ] CVE-2015-5130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130 [ 9 ] CVE-2015-5131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131 [ 10 ] CVE-2015-5132 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132 [ 11 ] CVE-2015-5133 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133 [ 12 ] CVE-2015-5134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134 [ 13 ] CVE-2015-5539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539 [ 14 ] CVE-2015-5540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540 [ 15 ] CVE-2015-5541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541 [ 16 ] CVE-2015-5544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544 [ 17 ] CVE-2015-5545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545 [ 18 ] CVE-2015-5546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546 [ 19 ] CVE-2015-5547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547 [ 20 ] CVE-2015-5548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548 [ 21 ] CVE-2015-5549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549 [ 22 ] CVE-2015-5550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550 [ 23 ] CVE-2015-5551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551 [ 24 ] CVE-2015-5552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552 [ 25 ] CVE-2015-5553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553 [ 26 ] CVE-2015-5554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554 [ 27 ] CVE-2015-5555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555 [ 28 ] CVE-2015-5556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556 [ 29 ] CVE-2015-5557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557 [ 30 ] CVE-2015-5558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558 [ 31 ] CVE-2015-5559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559 [ 32 ] CVE-2015-5560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560 [ 33 ] CVE-2015-5561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561 [ 34 ] CVE-2015-5562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562 [ 35 ] CVE-2015-5563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563 [ 36 ] CVE-2015-5564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564 [ 37 ] CVE-2015-5965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201508-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:1235-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1235.html Issue date: 2015-07-16 CVE Names: CVE-2015-5122 CVE-2015-5123 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-18 listed in the References section.
Two flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1242216 - CVE-2015-5122 CVE-2015-5123 flash-plugin: two code execution issues in APSA15-04 / APSB15-18
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.491-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.491-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.491-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.491-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
x86_64: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
x86_64: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
x86_64: flash-plugin-11.2.202.491-1.el6_6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-5122 https://access.redhat.com/security/cve/CVE-2015-5123 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-18.html https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVp+WCXlSAg2UNWIIRAsPvAKC4jqtQIpeXv33Wj/vKMotQ4sdPZwCgibDD MzLG3LQTopnph72hflS2aDE= =XzfT -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04796784
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04796784 Version: 1
HPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service, Unauthorized Access to Data
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-09-14 Last Updated: 2015-09-14
Potential Security Impact: Remote Denial of Service (DoS), Unauthorized Access to Data
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY HP has released updates to the HP ThinPro and HP Smart Zero Core operating systems to address two vulnerabilities found in Adobe Flash Player versions v11.x through v11.2.202.481 on Linux.
References:
CVE-2015-5122 CVE-2015-5123 SSRT102253
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Smart Zero Core v4.4 HP Smart Zero Core v5.0 HP Smart Zero Core v5.1 HP Smart Zero Core v5.2 HP ThinPro v4.4 HP ThinPro v5.0 HP ThinPro v5.1 HP ThinPro v5.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released updates to the HP ThinPro and HP Smart Zero Core operating systems to address these Adobe Flash Player vulnerabilities.
HP ThinPro 4.4 and HP Smart Zero Core 4.4 http://ftp.hp.com/pub/tcdebian/upda tes/4.4/service_packs/flash11.2.202.491-4.4-5.2-x86.xar HP ThinPro 5.0 and HP Smart Zero Core 5.0 http://ftp.hp.com/pub/tcdebian/upda tes/5.0/service_packs/flash11.2.202.491-4.4-5.2-x86.xar HP ThinPro 5.1 and HP Smart Zero Core 5.1 http://ftp.hp.com/pub/tcdebian/upda tes/5.1/service_packs/flash11.2.202.491-4.4-5.2-x86.xar HP ThinPro 5.2 and HP Smart Zero Core 5.2 ( http://ftp.hp.com/pub/tcdebian/up dates/5.2/service_packs/flash11.2.202.491-4.4-5.2-x86.xar
HISTORY Version:1 (rev.1) - 14 September 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201507-0106",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.203"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.203"
},
{
"model": "evergreen",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "13.0.0.302"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0"
},
{
"model": "flash player desktop runtime",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "13.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.481"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.0 from 18.0.0.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.425"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.440"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.451"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.438"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.429"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.411"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.424"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1.153"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.442"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.229"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.62"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.55"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
}
],
"sources": [
{
"db": "BID",
"id": "75710"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-358"
},
{
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.481",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.0.302",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:chrome:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.203",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.203",
"versionStartIncluding": "18.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Pi of TrendMicro and slipstream/RoL (@TheWack0lian)",
"sources": [
{
"db": "BID",
"id": "75710"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5123",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-5123",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-83084",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-5123",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-358",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-83084",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-5123",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83084"
},
{
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-358"
},
{
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015. Adobe Flash Player Use freed memory (use-after-free) Vulnerabilities exist. Adobe Flash Player Is ActionScript 3 of BitmapData Freed memory used due to processing (use-after-free) Vulnerabilities exist. It is possible to destroy memory by exploiting this vulnerability. Note that this vulnerability Proof-of-Concept The code has been released. BitmapData http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/display/BitmapData.html In addition, National Vulnerability Database (NVD) Then CWE-416 It is published as CWE-416: Use After Free http://cwe.mitre.org/data/definitions/416.htmlThe user who uses the product has been crafted Flash Accessed or crafted websites containing content Microsoft Office Opening a document may lead to arbitrary code execution on the user\u0027s web browser. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. (widely exploited in July 2015). \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.508\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-3107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107\n[ 2 ] CVE-2015-5122\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122\n[ 3 ] CVE-2015-5123\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123\n[ 4 ] CVE-2015-5124\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124\n[ 5 ] CVE-2015-5125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125\n[ 6 ] CVE-2015-5127\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127\n[ 7 ] CVE-2015-5129\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129\n[ 8 ] CVE-2015-5130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130\n[ 9 ] CVE-2015-5131\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131\n[ 10 ] CVE-2015-5132\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132\n[ 11 ] CVE-2015-5133\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133\n[ 12 ] CVE-2015-5134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134\n[ 13 ] CVE-2015-5539\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539\n[ 14 ] CVE-2015-5540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540\n[ 15 ] CVE-2015-5541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541\n[ 16 ] CVE-2015-5544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544\n[ 17 ] CVE-2015-5545\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545\n[ 18 ] CVE-2015-5546\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546\n[ 19 ] CVE-2015-5547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547\n[ 20 ] CVE-2015-5548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548\n[ 21 ] CVE-2015-5549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549\n[ 22 ] CVE-2015-5550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550\n[ 23 ] CVE-2015-5551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551\n[ 24 ] CVE-2015-5552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552\n[ 25 ] CVE-2015-5553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553\n[ 26 ] CVE-2015-5554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554\n[ 27 ] CVE-2015-5555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555\n[ 28 ] CVE-2015-5556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556\n[ 29 ] CVE-2015-5557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557\n[ 30 ] CVE-2015-5558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558\n[ 31 ] CVE-2015-5559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559\n[ 32 ] CVE-2015-5560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560\n[ 33 ] CVE-2015-5561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561\n[ 34 ] CVE-2015-5562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562\n[ 35 ] CVE-2015-5563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563\n[ 36 ] CVE-2015-5564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564\n[ 37 ] CVE-2015-5965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201508-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2015:1235-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1235.html\nIssue date: 2015-07-16\nCVE Names: CVE-2015-5122 CVE-2015-5123 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes two security issues is now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security Bulletin APSB15-18\nlisted in the References section. \n\nTwo flaws were found in the way flash-plugin displayed certain SWF content. \nAn attacker could use these flaws to create a specially crafted SWF file\nthat would cause flash-plugin to crash or, potentially, execute arbitrary\ncode when the victim loaded a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1242216 - CVE-2015-5122 CVE-2015-5123 flash-plugin: two code execution issues in APSA15-04 / APSB15-18\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.491-1.el6_6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-5122\nhttps://access.redhat.com/security/cve/CVE-2015-5123\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-18.html\nhttps://helpx.adobe.com/security/products/flash-player/apsa15-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVp+WCXlSAg2UNWIIRAsPvAKC4jqtQIpeXv33Wj/vKMotQ4sdPZwCgibDD\nMzLG3LQTopnph72hflS2aDE=\n=XzfT\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04796784\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04796784\nVersion: 1\n\nHPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service,\nUnauthorized Access to Data\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-09-14\nLast Updated: 2015-09-14\n\nPotential Security Impact: Remote Denial of Service (DoS), Unauthorized\nAccess to Data\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nHP has released updates to the HP ThinPro and HP Smart Zero Core operating\nsystems to address two vulnerabilities found in Adobe Flash Player versions\nv11.x through v11.2.202.481 on Linux. \n\nReferences:\n\nCVE-2015-5122\nCVE-2015-5123\nSSRT102253\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP Smart Zero Core v4.4\nHP Smart Zero Core v5.0\nHP Smart Zero Core v5.1\nHP Smart Zero Core v5.2\nHP ThinPro v4.4\nHP ThinPro v5.0\nHP ThinPro v5.1\nHP ThinPro v5.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released updates to the HP ThinPro and HP Smart Zero Core operating\nsystems to address these Adobe Flash Player vulnerabilities. \n\nHP ThinPro 4.4 and HP Smart Zero Core 4.4 http://ftp.hp.com/pub/tcdebian/upda\ntes/4.4/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\nHP ThinPro 5.0 and HP Smart Zero Core 5.0 http://ftp.hp.com/pub/tcdebian/upda\ntes/5.0/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\nHP ThinPro 5.1 and HP Smart Zero Core 5.1 http://ftp.hp.com/pub/tcdebian/upda\ntes/5.1/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\nHP ThinPro 5.2 and HP Smart Zero Core 5.2 ( http://ftp.hp.com/pub/tcdebian/up\ndates/5.2/service_packs/flash11.2.202.491-4.4-5.2-x86.xar\n\nHISTORY\nVersion:1 (rev.1) - 14 September 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"db": "BID",
"id": "75710"
},
{
"db": "VULHUB",
"id": "VHN-83084"
},
{
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5123",
"trust": 3.2
},
{
"db": "USCERT",
"id": "TA15-195A",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#918568",
"trust": 2.6
},
{
"db": "BID",
"id": "75710",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1032890",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU94770908",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201507-358",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-83084",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-5123",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133099",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132713",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133562",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83084"
},
{
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"db": "BID",
"id": "75710"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-358"
},
{
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"id": "VAR-201507-0106",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83084"
}
],
"trust": 0.01
},
"last_update_date": "2024-04-19T20:31:50.284000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Flash Player \u3092\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u65b9\u6cd5",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/flash-player/kb/230810.html"
},
{
"title": "BitmapData - AS3 ",
"trust": 0.8,
"url": "http://help.adobe.com/en_us/flashplatform/reference/actionscript/3/flash/display/bitmapdata.html"
},
{
"title": "APSA15-04",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html"
},
{
"title": "APSB15-18",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html"
},
{
"title": "APSA15-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsa15-04.html"
},
{
"title": "APSB15-18",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb15-18.html"
},
{
"title": "RHSA-2015:1235",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2015-1235.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150716f.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/21/the_roots_go_deep_kill_adobe_flash_kill_it_everywhere_bod_says/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/14/adobe_flash_patch_tuesday/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/14/firefox_blocks_flash/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/07/12/adobe_flash_zero_day_cve_2015_5122/"
},
{
"title": "Red Hat: CVE-2015-5123",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-5123"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/new-campaign-targeting-japanese-with-hackingteam-zero-day/113848/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/flash-player-update-patches-two-hacking-team-zero-days/113776/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/07/14/adobe_response_to_security_holes/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/hacking-team-promises-to-rebuild-controversial-surveillance-software/113743/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83084"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.us-cert.gov/ncas/alerts/ta15-195a"
},
{
"trust": 2.6,
"url": "http://www.kb.cert.org/vuls/id/918568"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201508-01"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1235.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/75710"
},
{
"trust": 1.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04796784"
},
{
"trust": 1.8,
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1032890"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5123"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20150713-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150024.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150020.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta97243368/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94770908/index.html"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5123"
},
{
"trust": 0.8,
"url": "http://www.howtogeek.com/188059/how-to-enable-click-to-play-plugins-in-every-web-browser/"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=16617"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5123"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5122"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5123"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144050155601375\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39885"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/hacking-team-promises-to-rebuild-controversial-surveillance-software/113743/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5134"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5131"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5123"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5132"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5125"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5545"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5131"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5133"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5124"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5129"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5544"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5539"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5122"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5133"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5546"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5562"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5127"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5132"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5547"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5556"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5127"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5539"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5124"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5545"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5546"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5559"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5555"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5549"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-5122"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/up"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/upda"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83084"
},
{
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-358"
},
{
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-83084"
},
{
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"db": "BID",
"id": "75710"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "132713"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-358"
},
{
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-14T00:00:00",
"db": "VULHUB",
"id": "VHN-83084"
},
{
"date": "2015-07-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"date": "2015-07-12T00:00:00",
"db": "BID",
"id": "75710"
},
{
"date": "2015-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"date": "2015-08-17T15:41:19",
"db": "PACKETSTORM",
"id": "133099"
},
{
"date": "2015-07-16T19:04:43",
"db": "PACKETSTORM",
"id": "132713"
},
{
"date": "2015-09-17T03:26:49",
"db": "PACKETSTORM",
"id": "133562"
},
{
"date": "2015-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-358"
},
{
"date": "2015-07-14T10:59:01.337000",
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83084"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5123"
},
{
"date": "2015-11-03T19:07:00",
"db": "BID",
"id": "75710"
},
{
"date": "2015-09-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003534"
},
{
"date": "2019-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-358"
},
{
"date": "2021-09-08T17:19:26.453000",
"db": "NVD",
"id": "CVE-2015-5123"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "133099"
},
{
"db": "PACKETSTORM",
"id": "133562"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-358"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player (BitmapData) Freed memory used (use-after-free) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003534"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-358"
}
],
"trust": 0.6
}
}
VAR-201603-0070
Vulnerability from variot - Updated: 2023-12-18 12:57Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820. This vulnerability CVE-2015-8045 , CVE-2015-8047 , CVE-2015-8060 , CVE-2015-8408 , CVE-2015-8416 , CVE-2015-8417 , CVE-2015-8418 , CVE-2015-8419 , CVE-2015-8443 , CVE-2015-8444 , CVE-2015-8451 , CVE-2015-8455 , CVE-2015-8652 , CVE-2015-8654 , CVE-2015-8656 , CVE-2015-8657 ,and CVE-2015-8820 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force the dereference of an uninitialized pointer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0070",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8658"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-662"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8658",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8658",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8658",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86619",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8658",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8658",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-040",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-86619",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8658",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"db": "VULHUB",
"id": "VHN-86619"
},
{
"db": "VULMON",
"id": "CVE-2015-8658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820. This vulnerability CVE-2015-8045 , CVE-2015-8047 , CVE-2015-8060 , CVE-2015-8408 , CVE-2015-8416 , CVE-2015-8417 , CVE-2015-8418 , CVE-2015-8419 , CVE-2015-8443 , CVE-2015-8444 , CVE-2015-8451 , CVE-2015-8455 , CVE-2015-8652 , CVE-2015-8654 , CVE-2015-8656 , CVE-2015-8657 ,and CVE-2015-8820 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force the dereference of an uninitialized pointer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"db": "VULHUB",
"id": "VHN-86619"
},
{
"db": "VULMON",
"id": "CVE-2015-8658"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8658",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-15-662",
"trust": 2.5
},
{
"db": "BID",
"id": "84160",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3439",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-040",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86619",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8658",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"db": "VULHUB",
"id": "VHN-86619"
},
{
"db": "VULMON",
"id": "CVE-2015-8658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"id": "VAR-201603-0070",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86619"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:39.601000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60401"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"db": "VULMON",
"id": "CVE-2015-8658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86619"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "NVD",
"id": "CVE-2015-8658"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84160"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-662"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8658"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8658"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=44054"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"db": "VULHUB",
"id": "VHN-86619"
},
{
"db": "VULMON",
"id": "CVE-2015-8658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"db": "VULHUB",
"id": "VHN-86619"
},
{
"db": "VULMON",
"id": "CVE-2015-8658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-86619"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8658"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"date": "2016-03-04T23:59:07.843000",
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"date": "2016-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-662"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-86619"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8658"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006970"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-8658"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006970"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-040"
}
],
"trust": 0.6
}
}
VAR-201603-0071
Vulnerability from variot - Updated: 2023-12-18 12:57Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8652"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-656"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8652",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8652",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8652",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86613",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8652",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8652",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-034",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-86613",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8652",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"db": "VULHUB",
"id": "VHN-86613"
},
{
"db": "VULMON",
"id": "CVE-2015-8652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"db": "VULHUB",
"id": "VHN-86613"
},
{
"db": "VULMON",
"id": "CVE-2015-8652"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8652",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-15-656",
"trust": 2.5
},
{
"db": "BID",
"id": "84160",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3416",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-034",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86613",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8652",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"db": "VULHUB",
"id": "VHN-86613"
},
{
"db": "VULMON",
"id": "CVE-2015-8652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"id": "VAR-201603-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86613"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:39.469000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60395"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"db": "VULMON",
"id": "CVE-2015-8652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86613"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "NVD",
"id": "CVE-2015-8652"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84160"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-656"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8652"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8652"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=44052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"db": "VULHUB",
"id": "VHN-86613"
},
{
"db": "VULMON",
"id": "CVE-2015-8652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"db": "VULHUB",
"id": "VHN-86613"
},
{
"db": "VULMON",
"id": "CVE-2015-8652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-86613"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8652"
},
{
"date": "2016-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"date": "2016-03-04T23:59:00.127000",
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"date": "2016-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-656"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-86613"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8652"
},
{
"date": "2016-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006961"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-8652"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006961"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-034"
}
],
"trust": 0.6
}
}
VAR-201603-0073
Vulnerability from variot - Updated: 2023-12-18 12:57Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0073",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8654"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-658"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8654",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8654",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8654",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86615",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8654",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8654",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-036",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-86615",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8654",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"db": "VULHUB",
"id": "VHN-86615"
},
{
"db": "VULMON",
"id": "CVE-2015-8654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"db": "VULHUB",
"id": "VHN-86615"
},
{
"db": "VULMON",
"id": "CVE-2015-8654"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8654",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-15-658",
"trust": 2.5
},
{
"db": "BID",
"id": "84160",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3415",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-036",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86615",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8654",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"db": "VULHUB",
"id": "VHN-86615"
},
{
"db": "VULMON",
"id": "CVE-2015-8654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"id": "VAR-201603-0073",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86615"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:39.435000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60397"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"db": "VULMON",
"id": "CVE-2015-8654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86615"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "NVD",
"id": "CVE-2015-8654"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84160"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-658"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8654"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8654"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2593"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42571"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"db": "VULHUB",
"id": "VHN-86615"
},
{
"db": "VULMON",
"id": "CVE-2015-8654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"db": "VULHUB",
"id": "VHN-86615"
},
{
"db": "VULMON",
"id": "CVE-2015-8654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-86615"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8654"
},
{
"date": "2016-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"date": "2016-03-04T23:59:03.280000",
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"date": "2016-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-658"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-86615"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8654"
},
{
"date": "2016-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006963"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-8654"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006963"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-036"
}
],
"trust": 0.6
}
}
VAR-201603-0052
Vulnerability from variot - Updated: 2023-12-18 12:57Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0052",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8820"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-661"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8820",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8820",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8820",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86781",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8820",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8820",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-041",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-86781",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8820",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"db": "VULHUB",
"id": "VHN-86781"
},
{
"db": "VULMON",
"id": "CVE-2015-8820"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"db": "VULHUB",
"id": "VHN-86781"
},
{
"db": "VULMON",
"id": "CVE-2015-8820"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8820",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-15-661",
"trust": 2.5
},
{
"db": "BID",
"id": "84160",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3437",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-041",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86781",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8820",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"db": "VULHUB",
"id": "VHN-86781"
},
{
"db": "VULMON",
"id": "CVE-2015-8820"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"id": "VAR-201603-0052",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86781"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:39.501000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60402"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"db": "VULMON",
"id": "CVE-2015-8820"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86781"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "NVD",
"id": "CVE-2015-8820"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84160"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-661"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8820"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8820"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2593"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42571"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"db": "VULHUB",
"id": "VHN-86781"
},
{
"db": "VULMON",
"id": "CVE-2015-8820"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"db": "VULHUB",
"id": "VHN-86781"
},
{
"db": "VULMON",
"id": "CVE-2015-8820"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-86781"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8820"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"date": "2016-03-04T23:59:08.890000",
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"date": "2016-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-661"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-86781"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8820"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006971"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-8820"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006971"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-041"
}
],
"trust": 0.6
}
}
VAR-201603-0068
Vulnerability from variot - Updated: 2023-12-18 12:57Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0068",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8656"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-659"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8656",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8656",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8656",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86617",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8656",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8656",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-038",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-86617",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8656",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"db": "VULHUB",
"id": "VHN-86617"
},
{
"db": "VULMON",
"id": "CVE-2015-8656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"db": "VULHUB",
"id": "VHN-86617"
},
{
"db": "VULMON",
"id": "CVE-2015-8656"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8656",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-15-659",
"trust": 2.5
},
{
"db": "BID",
"id": "84160",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3436",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-038",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86617",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8656",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"db": "VULHUB",
"id": "VHN-86617"
},
{
"db": "VULMON",
"id": "CVE-2015-8656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"id": "VAR-201603-0068",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86617"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:39.535000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60399"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"db": "VULMON",
"id": "CVE-2015-8656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86617"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "NVD",
"id": "CVE-2015-8656"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84160"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-659"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8656"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8656"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2593"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42571"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"db": "VULHUB",
"id": "VHN-86617"
},
{
"db": "VULMON",
"id": "CVE-2015-8656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"db": "VULHUB",
"id": "VHN-86617"
},
{
"db": "VULMON",
"id": "CVE-2015-8656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-86617"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8656"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"date": "2016-03-04T23:59:05.390000",
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"date": "2016-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-659"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-86617"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8656"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006968"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-8656"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006968"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-038"
}
],
"trust": 0.6
}
}
VAR-201603-0069
Vulnerability from variot - Updated: 2023-12-18 12:57Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0069",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8657"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-660"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8657",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8657",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8657",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86618",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8657",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8657",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-039",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-86618",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8657",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"db": "VULHUB",
"id": "VHN-86618"
},
{
"db": "VULMON",
"id": "CVE-2015-8657"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658, and CVE-2015-8820. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force Adobe Flash to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute code under the context of the current process. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"db": "VULHUB",
"id": "VHN-86618"
},
{
"db": "VULMON",
"id": "CVE-2015-8657"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8657",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-15-660",
"trust": 2.5
},
{
"db": "BID",
"id": "84160",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3435",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-039",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86618",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8657",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"db": "VULHUB",
"id": "VHN-86618"
},
{
"db": "VULMON",
"id": "CVE-2015-8657"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"id": "VAR-201603-0069",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86618"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:39.568000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60400"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"db": "VULMON",
"id": "CVE-2015-8657"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86618"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "NVD",
"id": "CVE-2015-8657"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84160"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-660"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8657"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8657"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2593"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42571"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"db": "VULHUB",
"id": "VHN-86618"
},
{
"db": "VULMON",
"id": "CVE-2015-8657"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"db": "VULHUB",
"id": "VHN-86618"
},
{
"db": "VULMON",
"id": "CVE-2015-8657"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-86618"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8657"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"date": "2016-03-04T23:59:06.640000",
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"date": "2016-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-660"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-86618"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8657"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006969"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-8657"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006969"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-039"
}
],
"trust": 0.6
}
}
VAR-201603-0054
Vulnerability from variot - Updated: 2023-12-18 12:44Adobe Flash Player and Adobe AIR Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2015-8048 , CVE-2015-8049 , CVE-2015-8050 , CVE-2015-8055 , CVE-2015-8056 , CVE-2015-8057 , CVE-2015-8058 , CVE-2015-8059 , CVE-2015-8061 , CVE-2015-8062 , CVE-2015-8063 , CVE-2015-8064 , CVE-2015-8065 , CVE-2015-8066 , CVE-2015-8067 , CVE-2015-8068 , CVE-2015-8069 , CVE-2015-8070 , CVE-2015-8071 , CVE-2015-8401 , CVE-2015-8402 , CVE-2015-8403 , CVE-2015-8404 , CVE-2015-8405 , CVE-2015-8406 , CVE-2015-8410 , CVE-2015-8411 , CVE-2015-8412 , CVE-2015-8413 , CVE-2015-8414 , CVE-2015-8420 , CVE-2015-8421 , CVE-2015-8422 , CVE-2015-8423 , CVE-2015-8424 , CVE-2015-8425 , CVE-2015-8426 , CVE-2015-8427 , CVE-2015-8428 , CVE-2015-8429 , CVE-2015-8430 , CVE-2015-8431 , CVE-2015-8432 , CVE-2015-8433 , CVE-2015-8434 , CVE-2015-8435 , CVE-2015-8436 , CVE-2015-8437 , CVE-2015-8441 , CVE-2015-8442 , CVE-2015-8447 , CVE-2015-8448 , CVE-2015-8449 , CVE-2015-8450 , CVE-2015-8452 , CVE-2015-8454 , CVE-2015-8653 , CVE-2015-8655 ,and CVE-2015-8821 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers MPEG-4 An arbitrary code may be executed via the data. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0054",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.229"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.62"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.55"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2080"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.01"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"db": "BID",
"id": "90891"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "NVD",
"id": "CVE-2015-8822"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8822"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-664"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8822",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8822",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8822",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86783",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8822",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8822",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-043",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-86783",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8822",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"db": "VULHUB",
"id": "VHN-86783"
},
{
"db": "VULMON",
"id": "CVE-2015-8822"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "NVD",
"id": "CVE-2015-8822"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2015-8048 , CVE-2015-8049 , CVE-2015-8050 , CVE-2015-8055 , CVE-2015-8056 , CVE-2015-8057 , CVE-2015-8058 , CVE-2015-8059 , CVE-2015-8061 , CVE-2015-8062 , CVE-2015-8063 , CVE-2015-8064 , CVE-2015-8065 , CVE-2015-8066 , CVE-2015-8067 , CVE-2015-8068 , CVE-2015-8069 , CVE-2015-8070 , CVE-2015-8071 , CVE-2015-8401 , CVE-2015-8402 , CVE-2015-8403 , CVE-2015-8404 , CVE-2015-8405 , CVE-2015-8406 , CVE-2015-8410 , CVE-2015-8411 , CVE-2015-8412 , CVE-2015-8413 , CVE-2015-8414 , CVE-2015-8420 , CVE-2015-8421 , CVE-2015-8422 , CVE-2015-8423 , CVE-2015-8424 , CVE-2015-8425 , CVE-2015-8426 , CVE-2015-8427 , CVE-2015-8428 , CVE-2015-8429 , CVE-2015-8430 , CVE-2015-8431 , CVE-2015-8432 , CVE-2015-8433 , CVE-2015-8434 , CVE-2015-8435 , CVE-2015-8436 , CVE-2015-8437 , CVE-2015-8441 , CVE-2015-8442 , CVE-2015-8447 , CVE-2015-8448 , CVE-2015-8449 , CVE-2015-8450 , CVE-2015-8452 , CVE-2015-8454 , CVE-2015-8653 , CVE-2015-8655 ,and CVE-2015-8821 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers MPEG-4 An arbitrary code may be executed via the data. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0.0",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"db": "BID",
"id": "90891"
},
{
"db": "VULHUB",
"id": "VHN-86783"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8822",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-664",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3434",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-043",
"trust": 0.7
},
{
"db": "BID",
"id": "90891",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-86783",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8822",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"db": "VULHUB",
"id": "VHN-86783"
},
{
"db": "VULMON",
"id": "CVE-2015-8822"
},
{
"db": "BID",
"id": "90891"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "NVD",
"id": "CVE-2015-8822"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"id": "VAR-201603-0054",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86783"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:44:55.877000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60404"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"db": "VULMON",
"id": "CVE-2015-8822"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86783"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "NVD",
"id": "CVE-2015-8822"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-664"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8822"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8822"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/90891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2593"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42571"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"db": "VULHUB",
"id": "VHN-86783"
},
{
"db": "VULMON",
"id": "CVE-2015-8822"
},
{
"db": "BID",
"id": "90891"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "NVD",
"id": "CVE-2015-8822"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"db": "VULHUB",
"id": "VHN-86783"
},
{
"db": "VULMON",
"id": "CVE-2015-8822"
},
{
"db": "BID",
"id": "90891"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"db": "NVD",
"id": "CVE-2015-8822"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-86783"
},
{
"date": "2016-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8822"
},
{
"date": "2016-03-02T00:00:00",
"db": "BID",
"id": "90891"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"date": "2016-03-04T23:59:10.687000",
"db": "NVD",
"id": "CVE-2015-8822"
},
{
"date": "2016-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-664"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-86783"
},
{
"date": "2023-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8822"
},
{
"date": "2016-03-02T00:00:00",
"db": "BID",
"id": "90891"
},
{
"date": "2016-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006973"
},
{
"date": "2023-05-08T13:29:02.290000",
"db": "NVD",
"id": "CVE-2015-8822"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006973"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-043"
}
],
"trust": 0.6
}
}
VAR-201604-0200
Vulnerability from variot - Updated: 2023-12-18 12:30Adobe Flash Player and Adobe AIR of TextField Use of freed memory for object implementation (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2015-8048 , CVE-2015-8049 , CVE-2015-8050 , CVE-2015-8055 , CVE-2015-8056 , CVE-2015-8057 , CVE-2015-8058 , CVE-2015-8059 , CVE-2015-8061 , CVE-2015-8062 , CVE-2015-8063 , CVE-2015-8064 , CVE-2015-8065 , CVE-2015-8066 , CVE-2015-8067 , CVE-2015-8068 , CVE-2015-8069 , CVE-2015-8070 , CVE-2015-8071 , CVE-2015-8401 , CVE-2015-8402 , CVE-2015-8403 , CVE-2015-8404 , CVE-2015-8405 , CVE-2015-8406 , CVE-2015-8410 , CVE-2015-8411 , CVE-2015-8412 , CVE-2015-8413 , CVE-2015-8414 , CVE-2015-8420 , CVE-2015-8421 , CVE-2015-8422 , CVE-2015-8423 , CVE-2015-8424 , CVE-2015-8425 , CVE-2015-8426 , CVE-2015-8427 , CVE-2015-8428 , CVE-2015-8429 , CVE-2015-8430 , CVE-2015-8431 , CVE-2015-8432 , CVE-2015-8433 , CVE-2015-8434 , CVE-2015-8435 , CVE-2015-8436 , CVE-2015-8437 , CVE-2015-8441 , CVE-2015-8442 , CVE-2015-8447 , CVE-2015-8448 , CVE-2015-8449 , CVE-2015-8450 , CVE-2015-8452 , CVE-2015-8454 , CVE-2015-8653 , CVE-2015-8655 , CVE-2015-8821 ,and CVE-2015-8822 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers text Arbitrary code may be executed via the property. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the TextField object. By manipulating the text property of a TextField, an attacker can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier versions, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.245 and earlier versions based on Windows 10, Adobe Flash Player for Internet Explorer 10 and 11 19.0 based on Windows 8.0 and 8.1 platforms .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.548"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "19.0.0.241"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "47.0.2526.80 (windows/macintosh/linux/chrome os)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.204 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.204 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.554 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.268 (windows/macintosh)"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(windows 10)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.229"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.62"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.55"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2080"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.01"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"db": "BID",
"id": "90890"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "NVD",
"id": "CVE-2015-8823"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.0:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.261",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.548",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.241",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0.0.245",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8823"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-665"
}
],
"trust": 0.7
},
"cve": "CVE-2015-8823",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-8823",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8823",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-86784",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-8823",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8823",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-8823",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-545",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-86784",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-8823",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"db": "VULHUB",
"id": "VHN-86784"
},
{
"db": "VULMON",
"id": "CVE-2015-8823"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "NVD",
"id": "CVE-2015-8823"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR of TextField Use of freed memory for object implementation (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2015-8048 , CVE-2015-8049 , CVE-2015-8050 , CVE-2015-8055 , CVE-2015-8056 , CVE-2015-8057 , CVE-2015-8058 , CVE-2015-8059 , CVE-2015-8061 , CVE-2015-8062 , CVE-2015-8063 , CVE-2015-8064 , CVE-2015-8065 , CVE-2015-8066 , CVE-2015-8067 , CVE-2015-8068 , CVE-2015-8069 , CVE-2015-8070 , CVE-2015-8071 , CVE-2015-8401 , CVE-2015-8402 , CVE-2015-8403 , CVE-2015-8404 , CVE-2015-8405 , CVE-2015-8406 , CVE-2015-8410 , CVE-2015-8411 , CVE-2015-8412 , CVE-2015-8413 , CVE-2015-8414 , CVE-2015-8420 , CVE-2015-8421 , CVE-2015-8422 , CVE-2015-8423 , CVE-2015-8424 , CVE-2015-8425 , CVE-2015-8426 , CVE-2015-8427 , CVE-2015-8428 , CVE-2015-8429 , CVE-2015-8430 , CVE-2015-8431 , CVE-2015-8432 , CVE-2015-8433 , CVE-2015-8434 , CVE-2015-8435 , CVE-2015-8436 , CVE-2015-8437 , CVE-2015-8441 , CVE-2015-8442 , CVE-2015-8447 , CVE-2015-8448 , CVE-2015-8449 , CVE-2015-8450 , CVE-2015-8452 , CVE-2015-8454 , CVE-2015-8653 , CVE-2015-8655 , CVE-2015-8821 ,and CVE-2015-8822 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers text Arbitrary code may be executed via the property. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the TextField object. By manipulating the text property of a TextField, an attacker can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier versions, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.245 and earlier versions based on Windows 10, Adobe Flash Player for Internet Explorer 10 and 11 19.0 based on Windows 8.0 and 8.1 platforms .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"db": "BID",
"id": "90890"
},
{
"db": "VULHUB",
"id": "VHN-86784"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8823",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-665",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007107",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3357",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201604-545",
"trust": 0.7
},
{
"db": "BID",
"id": "90890",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-86784",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-8823",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"db": "VULHUB",
"id": "VHN-86784"
},
{
"db": "VULMON",
"id": "CVE-2015-8823"
},
{
"db": "BID",
"id": "90890"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "NVD",
"id": "CVE-2015-8823"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"id": "VAR-201604-0200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86784"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:30:03.577000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-32",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"title": "APSB15-32",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html"
},
{
"title": "Stable Channel Update for Chrome OS",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151210f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=61229"
},
{
"title": "Red Hat: CVE-2015-8823",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-8823"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"db": "VULMON",
"id": "CVE-2015-8823"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "NVD",
"id": "CVE-2015-8823"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-665"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8823"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2015/at150042.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8823"
},
{
"trust": 0.8,
"url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/90890"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8823"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"db": "VULHUB",
"id": "VHN-86784"
},
{
"db": "VULMON",
"id": "CVE-2015-8823"
},
{
"db": "BID",
"id": "90890"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "NVD",
"id": "CVE-2015-8823"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"db": "VULHUB",
"id": "VHN-86784"
},
{
"db": "VULMON",
"id": "CVE-2015-8823"
},
{
"db": "BID",
"id": "90890"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"db": "NVD",
"id": "CVE-2015-8823"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-15T00:00:00",
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"date": "2016-04-22T00:00:00",
"db": "VULHUB",
"id": "VHN-86784"
},
{
"date": "2016-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8823"
},
{
"date": "2016-04-15T00:00:00",
"db": "BID",
"id": "90890"
},
{
"date": "2016-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"date": "2016-04-22T18:59:00.110000",
"db": "NVD",
"id": "CVE-2015-8823"
},
{
"date": "2016-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-15T00:00:00",
"db": "ZDI",
"id": "ZDI-15-665"
},
{
"date": "2016-05-26T00:00:00",
"db": "VULHUB",
"id": "VHN-86784"
},
{
"date": "2023-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8823"
},
{
"date": "2016-07-06T14:51:00",
"db": "BID",
"id": "90890"
},
{
"date": "2016-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007107"
},
{
"date": "2023-05-15T18:57:00.297000",
"db": "NVD",
"id": "CVE-2015-8823"
},
{
"date": "2016-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR of TextField Vulnerability in arbitrary code execution in object implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007107"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-545"
}
],
"trust": 0.6
}
}
VAR-201501-0117
Vulnerability from variot - Updated: 2023-12-18 12:07Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-415: Double Free ( Double release ) Has been identified. http://cwe.mitre.org/data/definitions/415.htmlAn attacker could execute arbitrary code. Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:0094-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0094.html Issue date: 2015-01-27 CVE Names: CVE-2015-0310 CVE-2015-0311 CVE-2015-0312 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-02, and APSB15-03, listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1185137 - CVE-2015-0310 flash-plugin: Vulnerability that could be used to circumvent memory randomization mitigations (APSB15-02) 1185296 - CVE-2015-0311 CVE-2015-0312 flash-plugin: multiple critical vulnerabilities (APSA15-01)(APSB15-03)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.440-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.440-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.440-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.440-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.440-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.440-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.440-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.440-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.440-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.440-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0310 https://access.redhat.com/security/cve/CVE-2015-0311 https://access.redhat.com/security/cve/CVE-2015-0312 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-02.html https://helpx.adobe.com/security/products/flash-player/apsb15-03.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUyAGGXlSAg2UNWIIRAi1BAJ9Q5Uq7Z9D/i5dIrMbLRMK/TUbVpQCfZhjG Xjm8B3oIdHx7wx6dzJxrEAw= =70K0 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201501-0117",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "16.0.0.287"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.438"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "16.0.0.287"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "13.0.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "13.0.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "13.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "13.0.0.231"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.2.202.291"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.2.202.275"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.2.202.273"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.2.202.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.2.202.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.2.202.258"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "40.0.2214.93 (windows/machintosh/linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.440 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "16.0.0.296 (internet explorer 10/11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "16.0.0.296 (windows/machintosh/linux edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 16.0.0.296 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 13.0.0.264 (windows/macintosh)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (windows 8/windows server 2012/windows rt)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1)"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server supplementary eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "11"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0179"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0177"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0176"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0259"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0252"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0214"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0182"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "12.070"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700275"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700232"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700169"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.6.602105"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502131"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502124"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502118"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.50080"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.4.400231"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300271"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300270"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300268"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300265"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300257"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300250"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300231"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300214"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.20295"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202425"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202418"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202400"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202359"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202350"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202346"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202341"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202297"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202238"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202236"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202221"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202197"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202160"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.11569"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.11554"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.11164"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.11150"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.198"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.160"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1129"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0.0.291"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0.0.287"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0.0.257"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.246"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.242"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.239"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.189"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.0.0.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0.0.145"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "14.0.0.125"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.258"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.250"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.244"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.241"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.206"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.201"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "12.0.0.77"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "12.0.0.44"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "12.0.0.43"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "12.0.0.41"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "12.0.0.38"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.9.900.170"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.9.900.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.9.900.117"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.8.800.97"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.8.800.94"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.8.800.170"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.8.800.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.279"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.272"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.269"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.261"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.257"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.252"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.242"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.225"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.224"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.203"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.7.700.202"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.6.602.180"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.6.602.171"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502.149"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502.146"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502.136"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502.135"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.4.402.287"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.4.402.278"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.4.402.265"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.378.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.31.230"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300.273"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.438"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.429"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.424"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.411"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.406"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.394"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.378"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.356"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.336"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.335"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.332"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.327"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.310"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.285"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.243"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.238"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.229"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.81"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.59"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.58"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.48"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.73"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.54"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.44"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.62"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.59"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.55"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1.153"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.86"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.75"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.68"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.67"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.50"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.48"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.29"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.19"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.52.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.106.17"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2.54"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "16.0.0.296"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "13.0.0.264"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.440"
}
],
"sources": [
{
"db": "BID",
"id": "72343"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.438",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.287",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.287",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:extended_support:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.0.262",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.287",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0312"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bilou working with the Chromium Vulnerability Rewards Program",
"sources": [
{
"db": "BID",
"id": "72343"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-0312",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-78258",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-0312",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-0312",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-668",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-78258",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-0312",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78258"
},
{
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-415: Double Free ( Double release ) Has been identified. http://cwe.mitre.org/data/definitions/415.htmlAn attacker could execute arbitrary code. Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2015:0094-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0094.html\nIssue date: 2015-01-27\nCVE Names: CVE-2015-0310 CVE-2015-0311 CVE-2015-0312 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security Bulletin APSB15-02, and\nAPSB15-03, listed in the References section. \n\nMultiple flaws were found in the way flash-plugin displayed certain SWF\ncontent. An attacker could use these flaws to create a specially crafted\nSWF file that would cause flash-plugin to crash or, potentially, execute\narbitrary code when the victim loaded a page containing the malicious SWF\ncontent. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1185137 - CVE-2015-0310 flash-plugin: Vulnerability that could be used to circumvent memory randomization mitigations (APSB15-02)\n1185296 - CVE-2015-0311 CVE-2015-0312 flash-plugin: multiple critical vulnerabilities (APSA15-01)(APSB15-03)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.440-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.440-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.440-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.440-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.440-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.440-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.440-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.440-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.440-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.440-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0310\nhttps://access.redhat.com/security/cve/CVE-2015-0311\nhttps://access.redhat.com/security/cve/CVE-2015-0312\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-02.html\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-03.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUyAGGXlSAg2UNWIIRAi1BAJ9Q5Uq7Z9D/i5dIrMbLRMK/TUbVpQCfZhjG\nXjm8B3oIdHx7wx6dzJxrEAw=\n=70K0\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "BID",
"id": "72343"
},
{
"db": "VULHUB",
"id": "VHN-78258"
},
{
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"db": "PACKETSTORM",
"id": "130128"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0312",
"trust": 3.0
},
{
"db": "BID",
"id": "72343",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "62543",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "62660",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "62432",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1031634",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201501-668",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-78258",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-0312",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130128",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78258"
},
{
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"db": "BID",
"id": "72343"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "PACKETSTORM",
"id": "130128"
},
{
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"id": "VAR-201501-0117",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-78258"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:07:44.546000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-03",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html"
},
{
"title": "APSB15-03",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb15-03.html"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2015/01/stable-channel-update_26.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/2755801"
},
{
"title": "Internet Explorer \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150129f.html"
},
{
"title": "flashplayer_16.0.0.296_sa_debug",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=53510"
},
{
"title": "flashplayer_16.0.0.296_ax_debug",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=53509"
},
{
"title": "flashplayer_13.0.0.264_plugin_debug",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=53508"
},
{
"title": "flashplayer_13.0.0.264_ax_debug",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=53507"
},
{
"title": "flashplayer_11.2.202.440_plugin_debug.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=53511"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/01/27/adobe_issues_second_emergency_flash_patch_this_month/"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20150094 - security advisory"
},
{
"title": "Red Hat: CVE-2015-0312",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-0312"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-415",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78258"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "NVD",
"id": "CVE-2015-0312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html"
},
{
"trust": 2.1,
"url": "https://technet.microsoft.com/library/security/2755801"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/72343"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1031634"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/62432"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/62543"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/62660"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100394"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0312"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150128-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150004.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0312"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15246"
},
{
"trust": 0.3,
"url": "https://www.adobe.com/software/flash/about/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/415.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:0094"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37202"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0311"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0312"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2015-0094.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0310"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0312"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0311"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0310"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78258"
},
{
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"db": "BID",
"id": "72343"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "PACKETSTORM",
"id": "130128"
},
{
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-78258"
},
{
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"db": "BID",
"id": "72343"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"db": "PACKETSTORM",
"id": "130128"
},
{
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-78258"
},
{
"date": "2015-01-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"date": "2015-01-27T00:00:00",
"db": "BID",
"id": "72343"
},
{
"date": "2015-01-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"date": "2015-01-28T00:27:43",
"db": "PACKETSTORM",
"id": "130128"
},
{
"date": "2015-01-28T22:59:01.937000",
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"date": "2015-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-78258"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0312"
},
{
"date": "2015-01-27T00:00:00",
"db": "BID",
"id": "72343"
},
{
"date": "2015-01-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001263"
},
{
"date": "2021-09-08T17:19:29.487000",
"db": "NVD",
"id": "CVE-2015-0312"
},
{
"date": "2020-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Memory double free vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001263"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-668"
}
],
"trust": 0.6
}
}
VAR-201603-0266
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 ,and CVE-2016-0999 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. The product enables viewing of applications, content and video across screens and browsers. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1000"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-1000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-1000",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88510",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1000",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1000",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-181",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88510",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1000",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 ,and CVE-2016-0999 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. The product enables viewing of applications, content and video across screens and browsers. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-88510",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39610",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1000",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39610",
"trust": 1.8
},
{
"db": "BID",
"id": "84312",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "136360",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88510",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1000",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"id": "VAR-201603-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:13.070000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60540"
},
{
"title": "Red Hat: CVE-2016-1000",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-1000"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0996 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0997 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0995 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0994 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0987 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0990 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0998 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1000 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0999 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84312"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39610/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1582.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1583.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1000"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1000"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88510"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:21.027000",
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88510"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"date": "2022-12-14T19:44:00.990000",
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
],
"trust": 0.6
}
}
VAR-201603-0279
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0279",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0962"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0962",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0962",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88472",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0962",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0962",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-197",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88472",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0962",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0962",
"trust": 2.8
},
{
"db": "BID",
"id": "84311",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88472",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0962",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"id": "VAR-201603-0279",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:13.028000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Adobe Flash Player Repair measures for memory corruption vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60555"
},
{
"title": "Red Hat: CVE-2016-0962",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0962"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0962 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0960 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0986 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1002 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0961 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0989 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1005 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0992 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84311"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0962"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0962"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88472"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:05.023000",
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88472"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"date": "2022-12-14T19:33:52.987000",
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
],
"trust": 0.6
}
}
VAR-201603-0272
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0272",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0989"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0989",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0989",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88499",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0989",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0989",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-190",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88499",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0989",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0989",
"trust": 2.8
},
{
"db": "BID",
"id": "84311",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88499",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0989",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"id": "VAR-201603-0272",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.218000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60549"
},
{
"title": "Red Hat: CVE-2016-0989",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0989"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0962 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0961 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0989 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1002 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0986 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0960 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0992 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1005 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84311"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0989"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0989"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88499"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:09.963000",
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88499"
},
{
"date": "2023-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"date": "2023-04-26T18:38:04.547000",
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
],
"trust": 0.6
}
}
VAR-201602-0328
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0978"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0978",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0978",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88488",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0978",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0978",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-236",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88488",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0978",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0978",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88488",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0978",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"id": "VAR-201602-0328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.627000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60178"
},
{
"title": "Red Hat: CVE-2016-0978",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0978"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0978"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0978"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43831"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88488"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:26.280000",
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88488"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"date": "2023-01-30T17:53:35.487000",
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
],
"trust": 0.6
}
}
VAR-201602-0330
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0330",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0980"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0980",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0980",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88490",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0980",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0980",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-238",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88490",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0980",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88490"
},
{
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "VULHUB",
"id": "VHN-88490"
},
{
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0980",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88490",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0980",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88490"
},
{
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"id": "VAR-201602-0330",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88490"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.587000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60180"
},
{
"title": "Red Hat: CVE-2016-0980",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0980"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88490"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "NVD",
"id": "CVE-2016-0980"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0980"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0980"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88490"
},
{
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88490"
},
{
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88490"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"date": "2016-02-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:28.157000",
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88490"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0980"
},
{
"date": "2016-02-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001473"
},
{
"date": "2023-01-30T17:53:19.917000",
"db": "NVD",
"id": "CVE-2016-0980"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001473"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-238"
}
],
"trust": 0.6
}
}
VAR-201603-0261
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0261",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0995"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0995",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0995",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88505",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0995",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0995",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-185",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88505",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0995",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88505"
},
{
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "VULHUB",
"id": "VHN-88505"
},
{
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0995",
"trust": 2.8
},
{
"db": "BID",
"id": "84312",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88505",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0995",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88505"
},
{
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"id": "VAR-201603-0261",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88505"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.913000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60544"
},
{
"title": "Red Hat: CVE-2016-0995",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0995"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0995 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0994 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0987 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0990 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0998 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0996 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0997 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0999 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1000 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88505"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "NVD",
"id": "CVE-2016-0995"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84312"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0995"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0995"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88505"
},
{
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88505"
},
{
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88505"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:15.900000",
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88505"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0995"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001734"
},
{
"date": "2022-12-14T18:14:50.330000",
"db": "NVD",
"id": "CVE-2016-0995"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001734"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-185"
}
],
"trust": 0.6
}
}
VAR-201602-0337
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0337",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0966"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0966",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0966",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88476",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0966",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0966",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-224",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88476",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0966",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0966",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88476",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0966",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"id": "VAR-201602-0337",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.102000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60166"
},
{
"title": "Red Hat: CVE-2016-0966",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0966"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0966"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0966"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88476"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:13.797000",
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88476"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"date": "2023-01-30T18:00:02.307000",
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
],
"trust": 0.6
}
}
VAR-201602-0325
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code by using inappropriate reference processing. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of instanceof. The issue lies in the failure to safely hold a reference to arguments during execution of the function. A use-after-free vulnerability exists in the 'instanceof' function of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0325",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0975"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0975",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0975",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0975",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88485",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0975",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2016-0975",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-233",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88485",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0975",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code by using inappropriate reference processing. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of instanceof. The issue lies in the failure to safely hold a reference to arguments during execution of the function. A use-after-free vulnerability exists in the \u0027instanceof\u0027 function of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0975",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-160",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3452",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88485",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"id": "VAR-201602-0325",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88485"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.830000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60175"
},
{
"title": "Red Hat: CVE-2016-0975",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0975"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://zerodayinitiative.com/advisories/zdi-16-160/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0975"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0975"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43851"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88485"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:23.030000",
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"date": "2023-01-20T00:00:00",
"db": "VULHUB",
"id": "VHN-88485"
},
{
"date": "2023-01-20T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"date": "2023-01-20T13:39:30.860000",
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
],
"trust": 0.6
}
}
VAR-201603-0264
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0264",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0998"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0998",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0998",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88508",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0998",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0998",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-183",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88508",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0998",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88508"
},
{
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "VULHUB",
"id": "VHN-88508"
},
{
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39612",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-88508",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88508"
},
{
"db": "VULMON",
"id": "CVE-2016-0998"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0998",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39612",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "39631",
"trust": 1.8
},
{
"db": "BID",
"id": "84312",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "136358",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88508",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0998",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88508"
},
{
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"id": "VAR-201603-0264",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88508"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.789000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60542"
},
{
"title": "Red Hat: CVE-2016-0998",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0998"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0996 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0997 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0995 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0994 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0987 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0990 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0998 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0999 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1000 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88508"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "NVD",
"id": "CVE-2016-0998"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84312"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39612/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/39631/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0998"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0998"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88508"
},
{
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88508"
},
{
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88508"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:18.823000",
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88508"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0998"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001737"
},
{
"date": "2022-12-14T19:49:49.317000",
"db": "NVD",
"id": "CVE-2016-0998"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001737"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-183"
}
],
"trust": 0.6
}
}
VAR-201603-0200
Vulnerability from variot - Updated: 2023-12-18 12:06Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. An attacker could exploit this vulnerability to execute arbitrary code. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1001"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-1001",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-1001",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88743",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1001",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1001",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-180",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88743",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-1001",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. An attacker could exploit this vulnerability to execute arbitrary code. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39609",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1001"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1001",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "39609",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180",
"trust": 0.7
},
{
"db": "BID",
"id": "84310",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136361",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88743",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"id": "VAR-201603-0200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.750000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60539"
},
{
"title": "Red Hat: CVE-2016-1001",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-1001"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1001 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39609/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1001"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1001"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88743"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:21.900000",
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88743"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"date": "2022-12-14T19:40:57.873000",
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
],
"trust": 0.6
}
}
VAR-201603-0265
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0999"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0999",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0999",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88509",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0999",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0999",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-182",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88509",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0999",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88509"
},
{
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "VULHUB",
"id": "VHN-88509"
},
{
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-88509",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39611",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88509"
},
{
"db": "VULMON",
"id": "CVE-2016-0999"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0999",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39611",
"trust": 1.8
},
{
"db": "BID",
"id": "84312",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "136359",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88509",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0999",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88509"
},
{
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"id": "VAR-201603-0265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88509"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60541"
},
{
"title": "Red Hat: CVE-2016-0999",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0999"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0999 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0988 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0997 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0996 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0991 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0998 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0995 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0994 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0987 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0990 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1000 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "NVD",
"id": "CVE-2016-0999"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84312"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39611/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0999"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0999"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88509"
},
{
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88509"
},
{
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88509"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:20.027000",
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88509"
},
{
"date": "2023-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0999"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001738"
},
{
"date": "2023-04-26T18:38:13.597000",
"db": "NVD",
"id": "CVE-2016-0999"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001738"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-182"
}
],
"trust": 0.6
}
}
VAR-201603-0278
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0278",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0961"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0961",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0961",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88471",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0961",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0961",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-192",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88471",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0961",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0961",
"trust": 2.8
},
{
"db": "BID",
"id": "84311",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88471",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"id": "VAR-201603-0278",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.264000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=217646"
},
{
"title": "Red Hat: CVE-2016-0961",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0961"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0960 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0986 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1002 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0962 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0961 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0989 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1005 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0992 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84311"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0961"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0961"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=46664"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88471"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:03.773000",
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88471"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"date": "2022-12-14T19:35:13.937000",
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
],
"trust": 0.6
}
}
VAR-201603-0271
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0271",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0988"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0988",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0988",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88498",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0988",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0988",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-193",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88498",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0988",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88498"
},
{
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0987 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "VULHUB",
"id": "VHN-88498"
},
{
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0988",
"trust": 2.8
},
{
"db": "BID",
"id": "84312",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "136353",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88498",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0988",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88498"
},
{
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"id": "VAR-201603-0271",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88498"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.671000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60551"
},
{
"title": "Red Hat: CVE-2016-0988",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0988"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0999 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0995 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0994 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0987 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0990 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0998 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0996 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0997 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0988 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0991 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1000 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88498"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "NVD",
"id": "CVE-2016-0988"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84312"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0988"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0988"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88498"
},
{
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88498"
},
{
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88498"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:08.743000",
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-19T00:00:00",
"db": "VULHUB",
"id": "VHN-88498"
},
{
"date": "2023-01-19T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0988"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001727"
},
{
"date": "2023-01-19T02:55:05.903000",
"db": "NVD",
"id": "CVE-2016-0988"
},
{
"date": "2023-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001727"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-193"
}
],
"trust": 0.6
}
}
VAR-201602-0342
Vulnerability from variot - Updated: 2023-12-18 12:06Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors. An attacker could exploit this vulnerability to execute arbitrary code. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0342",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0971"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0971",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0971",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88481",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0971",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0971",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-229",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88481",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0971",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88481"
},
{
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors. An attacker could exploit this vulnerability to execute arbitrary code. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "VULHUB",
"id": "VHN-88481"
},
{
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39465",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0971"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0971",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39465",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "135820",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88481",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0971",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88481"
},
{
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"id": "VAR-201602-0342",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88481"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.422000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60171"
},
{
"title": "Red Hat: CVE-2016-0971",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0971"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88481"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "NVD",
"id": "CVE-2016-0971"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39465/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0971"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0971"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88481"
},
{
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88481"
},
{
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88481"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:19.060000",
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88481"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0971"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001430"
},
{
"date": "2023-01-30T17:59:17.687000",
"db": "NVD",
"id": "CVE-2016-0971"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001430"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-229"
}
],
"trust": 0.6
}
}
VAR-201603-0276
Vulnerability from variot - Updated: 2023-12-18 12:06Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010. This vulnerability CVE-2016-0963 and CVE-2016-1010 Is a different vulnerability.An attacker could execute arbitrary code. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0276",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0993"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0993",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0993",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88503",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0993",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0993",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-186",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88503",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0993",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88503"
},
{
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010. This vulnerability CVE-2016-0963 and CVE-2016-1010 Is a different vulnerability.An attacker could execute arbitrary code. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "VULHUB",
"id": "VHN-88503"
},
{
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0993",
"trust": 2.8
},
{
"db": "BID",
"id": "84308",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88503",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0993",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88503"
},
{
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"id": "VAR-201603-0276",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88503"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.548000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product Integer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60545"
},
{
"title": "Red Hat: CVE-2016-0993",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0993"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0993 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0963 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1010 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.1
},
{
"problemtype": "CWE-189",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "NVD",
"id": "CVE-2016-0993"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84308"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0993"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0993"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88503"
},
{
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88503"
},
{
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88503"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:13.743000",
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88503"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0993"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001732"
},
{
"date": "2022-12-14T18:55:57.027000",
"db": "NVD",
"id": "CVE-2016-0993"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001732"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-186"
}
],
"trust": 0.6
}
}
VAR-201602-0335
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0964"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0964",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0964",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88474",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0964",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0964",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-222",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88474",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0964",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88474"
},
{
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "VULHUB",
"id": "VHN-88474"
},
{
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-88474",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39467",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88474"
},
{
"db": "VULMON",
"id": "CVE-2016-0964"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0964",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39467",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135816",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88474",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0964",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88474"
},
{
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"id": "VAR-201602-0335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88474"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.710000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60164"
},
{
"title": "Red Hat: CVE-2016-0964",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0964"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88474"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "NVD",
"id": "CVE-2016-0964"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39467/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0964"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0964"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88474"
},
{
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88474"
},
{
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88474"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:11.873000",
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-88474"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0964"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001423"
},
{
"date": "2023-01-26T21:42:35.383000",
"db": "NVD",
"id": "CVE-2016-0964"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001423"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-222"
}
],
"trust": 0.6
}
}
VAR-201602-0336
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0336",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0965"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0965",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0965",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88475",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0965",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0965",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-223",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88475",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0965",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88475"
},
{
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "VULHUB",
"id": "VHN-88475"
},
{
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39460",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0965"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0965",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39460",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "135817",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88475",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0965",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88475"
},
{
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"id": "VAR-201602-0336",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88475"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.304000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60165"
},
{
"title": "Red Hat: CVE-2016-0965",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0965"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88475"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "NVD",
"id": "CVE-2016-0965"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39460/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0965"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0965"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88475"
},
{
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88475"
},
{
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88475"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:12.797000",
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-88475"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0965"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001424"
},
{
"date": "2023-01-26T21:42:32.063000",
"db": "NVD",
"id": "CVE-2016-0965"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001424"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-223"
}
],
"trust": 0.6
}
}
VAR-201602-0323
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlBy the attacker, URLLoader.load Arbitrary code may be executed via a call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of URLRequest objects. By calling URLLoader.load on a URLRequest object, an attacker can force a dangling pointer to be reused after it has been freed. A reuse-after-free vulnerability exists in the URLRequest object implementation of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0323",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0973"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-161"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0973",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0973",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0973",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88483",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0973",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2016-0973",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-231",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88483",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0973",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"db": "VULHUB",
"id": "VHN-88483"
},
{
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlBy the attacker, URLLoader.load Arbitrary code may be executed via a call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of URLRequest objects. By calling URLLoader.load on a URLRequest object, an attacker can force a dangling pointer to be reused after it has been freed. A reuse-after-free vulnerability exists in the URLRequest object implementation of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"db": "VULHUB",
"id": "VHN-88483"
},
{
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0973",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-161",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3430",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-88483",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"db": "VULHUB",
"id": "VHN-88483"
},
{
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"id": "VAR-201602-0323",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88483"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.507000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60173"
},
{
"title": "Red Hat: CVE-2016-0973",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0973"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88483"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "NVD",
"id": "CVE-2016-0973"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://zerodayinitiative.com/advisories/zdi-16-161/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0973"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0973"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"db": "VULHUB",
"id": "VHN-88483"
},
{
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"db": "VULHUB",
"id": "VHN-88483"
},
{
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88483"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:21.063000",
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "ZDI",
"id": "ZDI-16-161"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-88483"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0973"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001434"
},
{
"date": "2023-01-26T21:38:58.760000",
"db": "NVD",
"id": "CVE-2016-0973"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001434"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-231"
}
],
"trust": 0.6
}
}
VAR-201602-0332
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0332",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0982"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0982",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0982",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88492",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0982",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0982",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-240",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88492",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0982",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0982",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88492",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0982",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"id": "VAR-201602-0332",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.345000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60182"
},
{
"title": "Red Hat: CVE-2016-0982",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0982"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0982"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0982"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88492"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:30.530000",
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-88492"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"date": "2023-01-26T21:38:33.867000",
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
],
"trust": 0.6
}
}